2004 will be characterised by a dramatic rise in malicious hacking, the birth of 'superworms', and the creation of sinister underground peer-to-peer (P2P) virus creation networks, a security company has predicted.

The pessimistic forecast from Clearswift is based on analysis of last year's SoBig project, which, according to the email security firm, marked the emergence of long-term malware projects involving multi-stage coordinated attacks using spam, worms, Trojans, spyware and proxies.

The groups behind these projects have now established a network of broadband home PCs which can be used covertly as an anonymous platform for criminal activity.

"The network, dubbed Sinit, removes the single point of failure that is often targeted by law enforcers in order to terminate viruses (as was the case with the last SoBig virus). With Sinit, there is no central server that can be shut down," warned Clearswift.

The Sinit network has been designed to enable rapid dispersal of viruses and uses encryption technology to prevent antivirus companies from tracking development activity or modifying the virus codes.

It is possible that Sinit could also constitute the launch pad for a highly efficient 'superworm'.

"It looks as though 2004 will be the year of the superworm," said Pete Simpson, manager of ThreatLab at Clearswift.

"It's always been an arms race in the battle between virus writers and antivirus companies. However, both sides now have financial incentives.

"Sinit represents a new and daunting challenge to antivirus companies and further emphasises the need to have a multi-layered defence against these security threats."

Clearswift said that 2003 saw a "clear switch" in the motives of the virus writer, with intellectual challenge or simple-minded cyber-vandalism being superseded by financial gain as the primary motive for malware coding.