After details of the sophisticated Regin malware was published online, there was concern that security companies didn't do enough to protect Internet users from the threat. Since it was released years ago, it took some time before Symantec reportedly identified - and included it in detection systems in December 2013.
However, it would appear Symantec identified Regin sometime in 2010 and it was labelled a Trojan in 2011, while F-Secure identified parts of the malware in 2009, with Microsoft learning of it in 2010.
"Symantec has been monitoring Regin for some time," Symantec recently told Forbes. "However, it has taken some time to gather all necessary components so that we can build a good understanding of the threat. We have also been monitoring for any further activity and attacks. Since no further information has come to light we have made the decision to release our findings publicly."
The Regin malware was likely created by the NSA and GCHQ - considering the US and UK priority on surveillance - cybersecurity experts wouldn't be overly surprised if the two countries were behind the code.