While origin unclear, Gauss indicates malware tool boom

10.08.2012

He, too, thinks it is more likely that a nation-state is behind it. "There is a list of banks in Lebanon and throughout the Middle East that have dealings with people and organizations we might consider shady," he said. "If one can follow the flow of money in and out of these institutions, the intelligence organizations will better understand who works for whom, who is doing what, and perhaps why."

Whoever created Gauss, Harding is impressed. "It is elegant and has gathered so much information. Whoever did the Intelligence Gain Loss (IGL) for using this system should receive a medal," he said. "Sure, the system is compromised. Sure, the Command and Control servers for this have gone dark. Sure, the world is aware of Gauss and is actively looking for it, but this is bleeding edge use of tools in cyberspace."

In fact, he said, he believes Gauss indicates that even better malware tools are being developed that will be even more difficult to discover and neutralize. "My take on this is that we now have a proof of concept, a working model, and the challenge now is to refine the code," Harding said. "Make it smaller, faster and quieter."
