Security experts are urging service providers to be more proactive in tracking infected machines and taking them off their networks, after new statistics showed that many computers remain infected for months on end.
While the average assumed length of time that compromised machines remain infected is about six weeks, Trend Micro chief technology officer Dave Rand said that his research revealed a median infection length of 300 days.
"The number of compromised PCs has gone through the roof," he added. "We live in a world where the malware is outstripping the ability of the malware scanners to keep up, so we need a layered approach to protection."
Rand explained that ISPs in Holland and Turkey are starting to see significant results after proactively seeking to clean up their networks.
Driven by the desire to see their networks run more smoothly and efficiently, service providers in these countries have taken the gamble, and accepted the added cost, of monitoring their networks and informing customers of any unusual activity, and are reaping the benefits, said Rand.
Turkish ISPs found that the number of compromised hosts which used to send spam dropped from 1.7 million to zero after such action. The infection rate for IP hosts in Holland last year, meanwhile, was just a third of that of the UK.
"ISPs need to take a larger role in the overall security of the environment. We can't leave it to the end user," argued Rand. "Turkey did it and it works."