Encryption wont solve this problem, because the hackers will steal the keys.
From another thread
I would change it so vital parts of the protocol can be preformed with out a connection to the internet, and only encrypted blocks of cipher text / already signed data would need to touch the internet. People could decrypt and verify signatures on a different machine with no connection to the internet, and the data to try to hash also transferred this way and then coins mined for and stored completely offline prior to a signed/ciphertext transfer of value. This would prevent hackers from being able to attack the network with buffer overflows and similar, root all of the clients and destroy the value of Bitcoin. This could be done either with flaws in the programming of the bitcoin client used, or flaws in the programming of other applications used in a shared environment. I doubt many Bitcoin users are taking security measures capable of defending from intelligence agency / military / super l33t hackers in general and such an attacker could likely take over the network. By removing critical processes from the internet entirely and having only secured/signed/encrypted data online, you can completely remove the risk of hackers 100%. This is the only way to remove such risk 100% as well, but most users are not even securing themselves near as well as they could be while connected to the internet, and the technical expertise required to do this is significantly beyond that of the average computer user.
I should also add that data should be transferred between the internet connected machine and the disconnected machine via CD which is discarded, so an attacker can not use the CD as a compromise vector to communicate data from the disconnected machine to the connected machine and then back to the attacker. Also, at least one back up of the drive of the disconnected drive should be made periodically, incase a compromise attempts to wipe the drive rather than steal the wallet
I think this is the only solution. Also I would like to point out that even if you are a security expert, as long as you are connected to the internet there is always the risk of some hacker. There are probably hacker groups out there right now that would be capable of taking over 99% of the bitcoin network and stealing all wallets, and adding encrypted wallets isn't going to change that since they could just steal the key.
Your main wallet could be in the offline machine, then you just update it's blockchain via CD.
As most people know, you can easily
send to an offline account, so that's no problem, but how do you spend
from it securely?
The answer I think is in wallet surgery... upcoming tools that will allow you to split off say $49.95 from your wallet while completely OFFLINE. Then transfer that new $49.95-value wallet.dat to the net-connected machine via CD for spending. This will probably be a bit dependent on your savings wallet consisting of many small-value addresses, rather than a few large-value addresses.
However I only fire up bitcoin when sending/receiving money. hope that mitigates my risk somewhat. 
