APT 30 has been operating since 2005 without significantly changing its attack methods, FireEye said. Its target? "Air-gapped" networks that are supposed to be physically isolated from the Internet.