Friday | 10 July, 2009
CSO
How to root out rootkits
If you want to know about the latest malicious rootkit, ask security researcher Dino Dai Zovi. He'll tell you all about his proof of concept rootkit called Vitriol that uses virtual machine instructions in Intel processors to hide a rootkit at the virtualization layer.
Deb Radcliff (Network World) 12/08/2008 10:30:43

Game bots are particularly fond of multiprocessors, on which multiple threads can run while balancing the load, continues McGraw, who's also co-author of "Exploiting Online Games." The more games organized criminals can play or steal through automated bot programs, the more virtual goods they can acquire and sell for real money.

There are many paths from the kernel that rootkits can take advantage of to exploit the firmware - boot loaders, device drivers, flash and firmware updates, says Bill Johnson, president and CEO of TDITX.com.

"Hardware security is not something most security technologists understand well," he adds. "It's an area they'd better get familiar with."

His company's infrastructure management tool, ConsoleWorks, logs and audits what's happening on the Baseboard Management Controller portion of the processor, which is the gateway interface into the rest of the processors on the motherboard. It manages this layer with VPN authentication and access.

Microsoft's acquisition in March of Komoku is also an indicator of deeper inspection technologies eventually coming to market. Backed by the US Defense Advanced Research Projects Agency, US Department of Homeland Security and the Navy, Komoku's technology and its brain trust are being absorbed by Microsoft's ForeFront and OneCare antimalware projects, says a Microsoft spokesperson.

And so rootkit technologies drive security deeper, as the game of cat chasing mouse continues.

"It's foolish to believe that we'll ever be able to make systems completely invulnerable to attack," Dai Zovi says. "However, we must make them secure enough that attacking them is not worthwhile for most criminals."

Radcliff is a freelance writer in California. She can be reached at deb@radcliff.com.
