Night Dragon brings security vulnerabilities into boardroom

10.02.2011
A hacking operation dubbed 'Night Dragon' has targeted energy organisations, using tried-and-tested intrusion methods to steal intellectual property related to oil field exploration and bidding plans, according to security company McAfee.

The attacks used a combination of social engineering, spear-phishing, exploitation of Microsoft Windows operating system vulnerabilities, Microsoft Active Directory compromises and remote administration tools to target and harvest commercial information. Perhaps more disturbingly, they also targeted individual executives within the companies.

McAfee chief technology officer for Asia-Pacific, Mike Sentonas, said although the techniques used are not new, the attack was well organised and targeted.

"We have been working with five organisations under a non-disclosure agreement," he said. "We traced the information back to a server in China that was hosting some of the malware and noticed the active IP addresses were coming out of Beijing."

Due to the non-disclosure agreement, McAfee will not comment on the companies involved. But the vendor said that although many actors participated in the attacks, it has identified one individual who has provided the crucial infrastructure to the attackers.

Although the attacks have been traced to China, Sentonas said this doesn't mean the attack couldn't have come from another country, nor that it is condoned by the government.