Botnets are the biggest global threat facing the internet today, according to security experts at the RSA security conference in San Francisco this week.
Ira Winkler, president of the Internet Security Advisors Group, said: "The statistics are basically that we're screwed. There is no real strategy for it. No-one is doing anything."
Winkler said there needs to be a fundamental change in people's attitudes to effectively combat botnets. "It's going to take a lot more than education, technology and law enforcement."
The most effective approach to tackling botnets would be to impose penalties on people who allow their computers to become infected, making users take more responsibility, according to Winkler.
He said: "We need to hold users responsible. ISPs should have a responsibility of making sure users aren't hosting botnets."
The botnet problem is getting worse, with no obvious solution in sight, according to Joe Telafici, vice president of Avert Operation at McAfee.
Telafici said: "The problem today is many orders of magnitude worse [than] last year. If we don't find a way to make it less profitable to do this, it won't go away."
Jordana Siegel, deputy director of outreach and awareness at the National Cyber Security Division of the US Department of Homeland Security, said: "We're seeing a constant increase in malicious code, which includes botnets."
Read this
Special report: The top five internal security threats
What should an employer watch out for?
Ronald Teixeira, executive director of the National Cyber Security Alliance, said: "Botnets are, I think, the biggest threat we face on the internet today. Tackling this is going a long way to limit attacks."
But Matthew Fine, supervisory special agent with the FBI, said the fact that criminals are now going to jail for botnet attacks is a step in the right direction.
"It's sending a message that judges understand this is affecting lives," said Fine.
But more still needs to be done, Fine warned. "I think we're all screaming for help. Hopefully we'll get some updated laws to help us."
Talkback
How do people know if they have got them?
More details would be useful.
KLR
How do you know if you have them? Very simple, if you run windoze, you are prone to be infected.
WIth respect, I run the security for over 280 Windows Servers and 3000+ laptop/desktops, and other than the few I see every Sunday morning and when executives etc come back from conferences. We do not have a problem, the front end IPS and firewall logs collect the data on infected machines and we disinfect the machines proactively.
Also consider a Network Access Control system in addition to above to quarantine the machines in their own Vlan prior to disinfection.
Security is and should be proactive, not just relying on AV and patching to ensure protection, passive protection is no protection.
I have to ask, how does your strategy work if the bots are sending small amounts of encrypted stuff? Sometimes legit stuff is small in size and encrypted, so how do you work out what's what and what's not?
We have a database of traffic profiles for each server/client vs the installed applications. Therefore additional traffic and open ports show up using the delta differences between the old profile and the new one.
This gives us a list of suspect machines, we then look at the NAC complicance logs, Altiris Software/Hardware inventory and AV alerts for indications of the source of the differences.