Leviathan, a Chinese APT threat actor and contractor known to support the Chinese Ministry of State Security, is targeting the supply chains of naval defense and energy exploration entities active in the South China Sea. According to continuous phishing operations identified by Proofpoint since mid-2021 this group has continued their campaigns without interruption since the US DOJ indictment in July of that year. This talk will examine two specific use cases from June 2021 and March 2022, which support an exploration of how a known reliable MSS contractor, per the details of the historic US DOJ indictment, may now support intelligence requirements tied to the deployment of kinetic naval intervention in areas of active dispute between the Chinese Communist Party and other nations in Southeast Asia and Oceania. Further by examining the timeline of these attacks, this talk will present a previously undisclosed link to a Chinese State service branch actively carrying out maritime patrols and harassing energy projects in the South China Sea.