Neha Madaan of the Times of India on targeted cyber attacks infilerating nations around the South China sea as part of a concerted cyber espionage campaign:

Each target country has a designated human operator, whose job it is to take advantage of cultural aspects of the country, such as a tendency to use personal email accounts for work; the placing of infrastructure (a proxy server) within the country’s borders to provide daily support for real-time connections and data exfiltration; at least five years of high volume, high profile, geo-political attack activity; platform-independent code, and the ability to intercept the entire network traffic; 48 commands in the repertoire of the remote administration utility, including commands for taking a complete inventory, downloading and uploading data, installing add-on modules, or working with the command line.

Sounds like nation state activity, and should not be all the surprising given the region where the attacks took place. This activity is only going to increase until the victim countries learn to adequately defend themselves against nation state cyber attack campaigns.