Unlike other sophisticated, state-backed pieces of malware, such as Stuxnet – the programme used by the US and Israel to disrupt Iran's uranium enrichment facilities – Snake is a far more precise weapon.
"The interesting thing about Snake is how it is spreading," said Peter Roberts, an expert in cyber warfare at the Royal United Services Institute and a former senior military intelligence officer. "If you take a normal virus, its spread and infection is fairly uncontrollable. The thing about Snake is that it is a far more targeted piece of malware. It is being carefully targeted at security and defence systems of governments and key government partners in a very specific way."
"It has all the hallmarks of being generated by Russian operatives," he added. "There is a very high degree of probability, just short of certainty, that it is Russian."
Read MoreCyberattacks get bigger, smarter, more damaging
Computers and networks infected by Snake have been carefully preselected by the malware's operators over several stages of targeting, according to Symantec's research.
The espionage campaign in eastern Europe began with Snake's operators infecting 84 prominent public websites which they knew were visited regularly by government, defence industry and diplomatic service employees.
The first level of infection involved visitors to those websites being prompted to upgrade their shockwave player software.
Details of thousands of visitors who agreed to do so were then compiled by Snake's operators.
The second level of infection involved Snake operators targeting groups of those visitors whose IP addresses corresponded to those of institutions and organisations of interest.
Read MoreUkraine: Cyberattack on communications, MPs phones blocked
Those individuals were subsequently infected with a preliminary piece of malware known as "wipbot". The wipbot malware allowed Snake's operators to determine how senior those infected were in their organisations. This then allowed for a specific and targeted deployment of the full Snake malware package solely to those whose computer systems contained the most sensitive and valuable information.
"We think in a lot of cases where an individual or employee was infected that attack was very deliberate, very targeted," said Alan Neville, intelligence analyst at Symantec. "The most sophisticated part of this is how it is used." Snake operators nevertheless do not appear to be interested in one-off hits, Mr Neville adds. "They are interested in infecting and penetrating diplomatic systems deeply ... they are interested in all of them."
Symantec said it had informed the relevant cyber security authorities across Europe of its findings.