WASHINGTON – The U.S. government may need sweeping new powers to investigate and prosecute future denial-of-service attacks, top law enforcement officials said Tuesday.

Anonymous remailers and free trial accounts allow hackers and online pornographers to cloak their identity, deputy attorney general Eric Holder told a joint congressional panel.

"A criminal using tools and other information easily available over the Internet can operate in almost perfect anonymity," Holder told the panel.

Holder said the Clinton administration is reviewing "whether we have adequate legal tools to locate, identify, and prosecute cyber criminals," but stopped short of endorsing a specific proposal.

Currently no laws require U.S. Internet users to reveal their identity before signing up for an account, and both fee-based and free services offer anonymous mail, Web browsing, and dialup connections.

During the unusual joint session, legislators from both the House and Senate judiciary committees gathered on Capitol Hill where they discussed how assaults on Web sites could cripple the U.S. economy.

They also wondered when the yet-to-be-identified perpetrators of the recent spate of DoS attacks would be identified.

If the noncommittal testimony of Justice Department and FBI officials is any indication, it might take a while. "Computer crime investigators in a number of FBI field offices and investigators from other agencies are investigating these attacks," said Holder, who refused to divulge details.

The technical details of the presentations seemed to elude Republican South Carolina Senator Strom Thurmond, the oldest surviving member of the Senate. Thurmond, chairman of the Senate's criminal justice oversight subcommittee, was born in 1902 and ran for president in 1948 as a member of the States' Rights party.

But it was one of the younger members of the House – Texas Democrat Sheila Jackson Lee – who appeared the most confused. She said that parents should be held legally responsible for what their teen-age children do "on those Internet channels."

Most of the legislators at the hearing seemed content not drafting new Internet regulations, a laissez-faire concept enthusiastically backed by the tech firms that testified.

Howard Schmidt, Microsoft's chief information security officer, said he would "caution against swift action, legislative or otherwise, on this front."

"Microsoft and other information technology companies deal daily with a host of hacker assaults," he said. "We regularly defeat the vast majority of those efforts and we constantly upgrade our products and support services to provide protection against similar attacks."

A Cisco Systems executive agreed.

"We do not ask Congress for new laws in the area of Internet security," said Charles Giancarlo, a Cisco senior vice president. "Cooperation, not regulation or legislation, will ensure that the Internet remains secure."

That hasn't stopped legislators from legislating. Democratic New York Senator Chuck Schumer said last week that he wants to make it easier for police to eavesdrop on an online communication and prosecute 15-year-olds as adults.

Schumer's proposal also would allow federal prosecutions under the Computer Fraud and Abuse Act even if the company being attacked suffered no monetary loss. Current law requires $5,000 in damages before a prosecution can happen.

While the industry doesn't seem wild about the plan, they don't appear to be eager to oppose it either.

But a representative of a civil liberties group voiced concerns about federal legislation that would hand prosecutors more power.

"You must be careful to ensure that the recent Internet attacks do not serve as justification for legislation or other government mandates that will be harmful to civil liberties and the positive aspects of the openness and relative anonymity of the Internet," said James Dempsey, staff counsel of the Center for Democracy and Technology.