However, Thompson worries that culling the herds may breed a stronger beast. "We might just be killing off the [command-and-controls] that are easily found and making them get stronger and more cunning to survive," he added. Like Thompson, Evron admits that the command-and-control shutdowns are only a small part of dealing with the growth of botnets. "Anything you do that kills the problem right now has one direct result. The bad guys go back to drawing board and plan a more sophisticated mode of attack. Were always going to be playing catch-up," Evron conceded.Todays hackers code for cash, not chaos. Click here to read more. With the new mailing list and increased public participation, Evron envisages a scenario where experts in the anti-virus, anti-phishing, anti-spyware and anti-spam industries are all working together on research and development to help curb the growth of botnets. Websenses Hubbard agrees theres no silver bullet to solve the problem. "Were seeing a major crossover," he said. "Bots are now coming with keyloggers. Were seeing botnets being used in conjunction with phishing attacks. The effort has to get buy-in from everyone, including law enforcement authorities, ISPs, dynamic DNS providers and the general public. "I dont think well ever shut down botnets. The problem is just going to change with time," Hubbard added. "The techniques are becoming better and more sophisticated as we come out with new defense techniques. Were just trying to slow them down, really." Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
"Its all about return-on-investment," he said. "Botnets are being used to make money. Its very well-organized, and its working for the bad guys. If you can change the economics by making it more dangerous and difficult for them to control the botnets, thats the only way to try to get ahead of game."