To have an educated discussion about rootkits, it is important to understand what they are, what they do, how they can get onto your system and, if you find one on your computer, what you can do to remedy the situation. It’s also important to discuss the difference between security monitoring software and rootkits.
Most people are aware of viruses, worms and other malware, all of which can be harmful to your computer. The rootkit is perhaps the most dangerous, potentially destructive member of the malware family; in fact, some computer experts put rootkits in a category of their own. A rootkit is computer software that allows a remote user to access and control your computer, usually without your knowledge. Once a rootkit is installed on someone’s computer, whoever installed it can control that computer from hundreds of miles away without the other person knowing. A person using a rootkit is capable of executing files, accessing log files, changing the configuration of the computer they’ve invaded and monitoring activities on that computer.
Now that you understand what a rootkit is, it is easier to understand why it is dual-purpose software. Hackers install it on your computer, as part of a virus or download, in order to gain access to sensitive information. Internet security monitoring software, legitimate software that monitors an individual’s activities, is used by law enforcement to monitor criminal activity, by parents to see where their children are going online and by employers to check, for example, whether an employee is spending too much work time on Facebook.
Parents use internet monitoring software to keep their kids safe while they are online; this legitimate security software is sometimes referred to as a rootkit. Employers use the same internet monitoring software to monitor what their employees are doing on the company’s computers, both during and after work hours, which is perfectly legal. In fact, most companies include a statement about computer monitoring in the hiring paperwork, which they often require the employee to sign. While it is not illegal to use monitoring software or rootkits, as IT security people learn more about the realm in which hackers lurk, more states are considering laws regarding rootkits and penalties for misusing them. Most people who use rootkits, known as hackers, do so with malicious intent or illegal purposes in mind, such as obtaining passwords and other sensitive personal information in order to steal your identity.