Have You Heard of "ROOTKITS" - Threat!!
Written by Bradley Siddell
Although every organization is aware of the importance of securing its core systems, networks, and end-user equipment against viruses, many are failing to protect themselves from rootkits: hidden malicious software that aims to steal corporate or personal information on a network for a hacker's personal gain. A number of trends have contributed to the increasing likelihood of infection with rootkits. One of those trends is the greater emphasis companies are placing on mobility.
Another factor fueling the rise in rootkits is the security holes that exist in Microsoft Windows and related products, which allow for automated rootkit installation.
Most of the large security players are taking the same approach to fighting rootkits as they do to eliminating viruses: signature-based searches that track down known rootkits and apply related fixes. However, two major vendors, Symantec and Trend Micro, are taking different approaches to fighting rootkits. Symantec is using mapping technology to discover rootkits on compromised systems, while Trend Micro has developed a complete library called the Rootkit Common Module, which sees hidden processes, hidden registry keys, and hidden files. But despite advances in removing and preventing rootkits, Steve Manzuik, senior manager of security engineering at Juniper, said he sees no end in sight to the threat from the malicious software. In fact, rootkits are only becoming more and more insidious, he said. Manzuik noted that some rootkits can now bypass the security sandbox. These rootkits detect they are in the sandbox and trick the system into thinking they are legitimate applications.
Source: InfoWorld (04/30/07); Hultquist, Steve