One in five Australian enterprises have found a rootkit on the corporate network.

This alarming figure is revealed in the 2006 Australian Computer Emergency Response Team (AusCert) Computer Crime Survey in a survey which drew responses from almost 400 companies in Australia.

For the first time, AusCert has segregated the category of "virus, worm or trojan infection" into two specific categories, virus or worm infection and trojan or rootkit infection. As a result, the survey found that 21 percent of respondent companies' networks were hit by a rootkit while 45 percent had experienced a virus or worm.

AusCert general manager Graham Ingram said the figure for rootkit infection is "disproportionately high." In the past, enterprises viewed trojan and rootkit infections as a home PC issue, he added.

Malicious code sidesteps detection

More than 60 percent of today's malicious code goes undetected by anti-spam and anti-virus tools at work in business, despite their use by 98 percent of organisations.

Hackers are yesterday's news, according to the 2006 AusCert Computer Crime Survey.

Today, organised crime is pushing an agenda of malicious code which, Ingram said, has changed the corporate landscape.

"We have always dealt with very large numbers from worm and virus infections, but Trojan and rootkit activity has always been hidden and this year, one in five enterprises is getting hit by Trojans or rootkits," he said.

"When the amount of malicious code in the form of Trojans or rootkits that's commonplace today is compared with the adoption of antivirus and anti-spam hardware (respondent enterprises reported use of either or both), then such security technology is [apparently] rendered useless against rootkits."