Wired on Friday: It's the stuff of movies. An Israeli couple finds a particularly odd computer virus on their home PC, after documents appear on the internet that should have never left their home. A police investigation leads to the top of a number of major companies in Israel, and back to the virus's originator in London.
Arrests ensue; some of the guilty skip the country. There may well be other, more guilty parties to find.
The only thing it's lacking is a Sandra Bullock figure in the centre, discovering the pieces of the puzzle, while trying to keep one step ahead of the mob. Or the Illuminati, or whoever it is in this blockbuster.
It wasn't a film, however: this was the media coverage of the Israeli Trojan Horse last week. It's the first high-profile case of a computer virus being used as part of an industrial espionage ring and prompted many to talk about the new and particular danger these little bits of software pose.
Media commentators took the opportunity to announce that malware, short for malicious software, has finally arrived.
They sit quietly on your computer, it was explained, sucking up all kinds of documents and everything you type, and pushing it all out onto the internet towards their villainous authors.
In Israel, even religious leaders are giving "I-told-you-so" sermons about the dangers of computers. But how scared of this new threat should we be? Perhaps it is not the dangers of malware that this story exposes, but the size and temptations of the economic espionage market. Though it gets little attention, business-to-business spying is big, and seemingly very profitable.
No one knows how big it is, since no corporation publishes its spy budget, but the FBI estimates that trade secret losses in the United States cost tens of billions of dollars a year. So, if your competitor's loss is your gain, the business world of spying easily pays for itself, at almost any price.
Except of course, the price of getting caught, and that's where this mediagenic malware story truly starts to break new ground. Industrial espionage convictions are vanishingly rare. More often, companies that have been spied on are as eager to keep quiet as the ones doing the spying, leading to little formal legal engagement.
Even in situations where companies do get caught and are forced to pay civil damages to their competitors, no one gets arrested. Professional business world spies are free to move onto the next job.
Finding private investigators the world over offering "company investigations" is an easy Google search away. Once the scope of business-to-business spying becomes apparent, what's remarkable isn't that the Israeli worm incident was occurring: it's that its perpetrators were unmasked at all.
Why were they caught? Because, contrary to the earnest pronouncements, malware is a terrible way to spy. When a security professional catches an unauthorised program on a PC, they don't just make it spill its name, rank, and serial number. The malware spills its entire guts.
A knowledgeable eye can determine where a virus came from, what it was doing, and where it was reporting back to, and has the time to uncover the truth.
The transparency of a trapped piece of malware doesn't matter that much for most virus writers, in most situations where such dirty code is used. Virus writers are "here today, gone tomorrow" types, often in economically troubled or politically unstable nations. There's no headquarters to trace everything back to; no specific target virus creators are after. Credit card data and zombie machines for sending spam e-mails aren't part of some tightly-defined campaign in the way that the abduction of trade secrets might have to be plotted. The creators and their creations are opportunistic - breaking, entering and moving on.
Even then, virus-spyware authors still get traced a fair amount of the time. The fact is, leaving malware on a competitor's computer talking back to a private investigator you've hired is a good way of getting caught.
Take the case of the Witty worm, a computer virus from March of last year that infected more than 12,000 hosts worldwide in 75 minutes. It used a nearly-random number scheme to jump from computer to computer.
Nearly random - but not quite random enough. Several computer scientists were able to work the number scheme backwards and deduce the location of "patient zero" - the point where the virus entered the net.
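How a "nearly random" scheme can be worked backwards, as an added sketch that is not part of the original column. It assumes the scheme is a 32-bit linear congruential generator with the Microsoft C runtime constants and that each observation exposes only the top 16 bits of the state; the seed and step count are constructed.

```python
# Added illustration, not from the article. Assumptions: the generator is
# state' = A*state + C mod 2**32 with the MSVC rand() constants, and an
# observer sees only the top 16 bits of two consecutive states.
A, C, M = 214013, 2531011, 2**32
A_INV = pow(A, -1, M)  # A is odd, so it is invertible modulo 2**32


def step(state):
    """Advance the generator by one state."""
    return (A * state + C) % M


def unstep(state):
    """Run the generator one state backwards using the modular inverse."""
    return (A_INV * (state - C)) % M


def recover_states(hi1, hi2):
    """Full 32-bit states consistent with two consecutive 16-bit observations.

    Only the low 16 bits of the first state are unknown, so 65,536 guesses
    are enough; each guess is checked against the second observation.
    """
    matches = []
    for lo in range(1 << 16):
        candidate = (hi1 << 16) | lo
        if step(candidate) >> 16 == hi2:
            matches.append(candidate)
    return matches


def rewind(state, n):
    """Walk n states back towards the value the generator started from."""
    for _ in range(n):
        state = unstep(state)
    return state


def demo():
    seed = 0x12345678          # constructed starting state
    state = seed
    for _ in range(1000):      # constructed number of steps before observation
        state = step(state)
    hi1, hi2 = state >> 16, step(state) >> 16
    return seed, state, recover_states(hi1, hi2)


if __name__ == "__main__":
    seed, state, candidates = demo()
    print("candidates:", [hex(c) for c in candidates])
    print("rewound seed:", hex(rewind(state, 1000)), "expected:", hex(seed))
```

Two partial observations are enough to pin the hidden state down to a handful of candidates, and every state before it then follows deterministically.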
No technique this sophisticated was needed to crack the espionage ring in the Israeli scandal. The virus wasn't well-designed, and, having been sold to private investigators, probably wasn't being deployed by people who were knowledgeable about how to best operate it.
The problems with the Israeli scandal were largely perceptual - a new twist on an old tale that, despite its glamour, is rarely revealed to the outside world. Espionage of any kind is damaging: because of the wide range of perpetrating and victim companies involved in the ring, Israeli economists worried about foreign investment and fraud.
But the upside may very well be that a case like this will throw the overarching problem of industrial espionage into the light. Dumpster diving, bribery, social engineering and other more traditional methods of corporate spying have failed and mostly go unnoticed.
We can only hope dishonest businesses continue to adopt badly-written Trojan horses: at least with such clumsy tools, we'll know the scale of the problem.