Rootkit is a scary word to a CIO. It conjures visions of worms eating through the network, backdoors opened to sensitive or proprietary information, users unaware of their credit card numbers being stolen, and the stifling cost of incident response. Rootkits are discussed in hushed tones, as if the mere word will summon one from the ether. At the end of the day, rootkits are like any other malware, but tougher to detect and remove. Competitive corporations, organized crime and terrorists are using these tools to attack networks and steal data. While customer data theft can cost a company millions, insider threats are the major problem. More than 70 percent of a company,s value may be held in its intellectual property assets, a prime target for competitive intelligence gathering. Rootkits can be used to steal information without detection, which is what makes them so dangerous. Bad guys design rootkits to stay hidden for years, so they have continued access to information. Although they come in many shapes and flavors, suffice it to say, rootkit is a fairly new word for a backdoor. Many techniques used by rootkits were pioneered by virus developers in the early ,90s, and the rise of the Internet fueled the need for a remotely accessible backdoor. While Unix systems continue to be targeted, rootkits rapidly evolved to target ubiquitous Windows machines.