New York Times breach opens anti-virus, attribution debate
But Roel Schouwenberg, a senior anti-virus researcher at Kaspersky Lab, which has discovered such potent malware as Flame and operations like "Red October," said in a tweet that while the disclosure details were appreciated, more specifics are needed.
"[T]he security industry needs tech details to make sure other targets are better protected," he said.
And the hack reopened debate over the effectiveness of anti-virus, with some big-name security vendors running to defend their solutions, while also admitting the problem is complex.
"Advanced persistent attacks are very difficult to block, and so far nobody has a complete answer to them, and never will as attackers will adapt to whatever defenses you have," blogged Jarno Niemelä, senior security researcher at F-Secure, on Thursday. "AV is one important layer against advanced attacks, but is not alone enough. But then again, without AV you would have to worry about advanced attacks and all the rest that you currently are being protected from. So how does it help to advocate to not to use AV and increase your attack surface even further?"
Bellovin said installing advanced anti-virus capabilities, such as anomaly detection, is sometimes easier said than done. He cited cost, performance issues and false positives as reasons some organizations may decide against it. But change is needed.
"Traditional AV is failing according to everyone's understanding up to, and including, Symantec," he said. "The question is, now what?"
