In December 2006, F-Secure researcher Kimmo Kasslin published a paper, "Kernel Malware: The Attack from Within", and an accompanying presentation outlining the growth of kernel-mode rootkit attacks. What makes these very interesting and worrisome are the following points:
1. While rootkit attacks still make up only a small percentage of overall attacks, their number is growing very quickly.
2. He indicates in his paper that most anti-virus and other malware detection solutions are either incapable of detecting the rootkit or, if they do detect it, are very weak at removing it.
3. He also describes the extreme damage that a kernel-mode rootkit can do to an enterprise.
This warning also fits in with a blog I wrote in the fall, "Finding and removing rootkit attacks - How secure do you feel?". That blog was based on tests Symantec released comparing itself to other vendors regarding rootkit attack detection and removal.
Enterprise firewalls, intrusion prevention systems and identity authentication schemes can be bypassed relatively easily via rootkits: a kernel-mode rootkit runs with full privileges on the compromised endpoint, beneath the operating system layer those controls rely on, so it can read credentials and session data after the user has legitimately authenticated and hide its own activity from host-based defences. Take note!
Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com