This appears to be a sophisticated threat targeting the aerospace and military sector. Organisations who develop, deliver, maintain and use weapon systems at and for state level clients. A threat which maybe difficult to identify and manage even for the most mature cyber complaint organisations. I wonder how many are US defence contractors and where appropriate DFARS 48 CFR § 252.204-7012 compliant?