International cybercriminals are moving at lightning speed to defeat corporate security, law enforcement officials and IT security professionals heard at eCrime Congress 2009 last week.
Security measures such as two factor authentication, that many online banking services rely on, are no longer as secure as was first thought.
The challenge is enormous because cybercriminals are unfettered by national boundaries, while law enforcement agencies' efforts are limited to local jurisdictions.
In the face of an onslaught from highly organised criminal organisations, are under-resourced law enforcement agencies fighting a losing battle?
Most agree that law enforcement alone does not have the financial, technical or manpower resources that it would take to make any real impact on cybercrime.
But this does not mean the battle is lost, says UK Metropolitan Police Service deputy assistant commissioner Janet Williams.
The problem needs to be tackled with imagination and creativity, Williams, who is the lead on e-crime for the UK's Association of Chief Police Officers (ACPO), told the conference.
Police are working with UK businesses to share information, contacts, communications and other resources in a co-ordinated effort against cybercrime.
And this collaboration informs legislation, which can target cybercriminals where it hurts the most, says Mary Landesman, senior security researcher at security supplier Scansafe.
The common denominator to all cybercrime is the web hosting services that form a critical piece of the underground economy's IT infrastructure.
These services provide a vital link to the internet for cybercriminals who use them to host command and control mechanisms for botnets of hijacked computers.
If governments introduce legislation to control hosting providers, it will go a long way to curbing the activities of cybercriminals, says Landesman.
Without such legislation, there is no reason for hosting providers to turn away lucrative criminal business, she says.