"He's missing the point," countered Phyllis Schneck, McAfee's vice president and CTO for the antivirus company's global public sector group, in a of her own. "It's not the sophistication of the attack that's important, and this is a clear case where technical arguments are preventing some people from seeing the larger, more important picture."

Schneck argued that Shady RAT was newsworthy because of the number of targeted agencies, organizations and companies, as well as the attack's duration and the amount of data allegedly taken. "Quiet, insidious, market-changing threats like these hide in the noise of botnets, 'hacks,' and other high-profile or nuisance events," Schneck said.

She denied that the attacks came from a botnet, and accused Kaspersky of "getting botnets and advanced persistent threats confused."

But Schneck also backed McAfee away from the APT moniker -- which it used in the original report -- and instead said Shady RAT was better described by "successful persistent threat," or SPT.

"It was only as advanced as it needed to be," said Schneck, also distancing McAfee from the "sophisticated" tag it had given to Shady RAT earlier.