Schneier, a security researcher, author and chief technology officer at security services supplier Counterpane, said the components to create a devastating worm attack were already on the internet. "It is just a matter of putting them together," he said.
Viruses have become increasingly sophisticated over the past 12 months, highlighting the need for businesses to keep their anti-virus systems updated and IT networks patched, Schneier said.
There were 1,000 new viruses released in the last six months of 2004. Many were sophisticated polymorphic and metamorphic viruses, which are able to change form, or download complete rewrites of their underlying code.
"We are seeing more targeted worms. We are seeing worms that use Google to identify vulnerable machines. They are much more complex, much more sophisticated than conventional worms," he said. Worms and viruses targeted at mobile devices will become more common, as mobile devices are used for buying and selling, Schneier warned.
Developments in technology are unlikely to give IT departments any automatic defence against worms and viruses in the foreseeable future, he added. The best defence for the time being are intrusion detection and prevention systems, which rely on attack signatures, rather than the detection of anomalous behaviour.
This means that there will continue to be a need for large numbers of people to monitor and respond to threats on the internet and to develop countermeasures, said Schneier.