Wikipedia has an informative article on
Fancy Bear, APT128, Pawn storm, Sofacy Group, Sednit and STRONTIUM (all are apparently the same group behind the current threat) with years of documented attacks around the world as well as a non-technical description of their methods of attack. They are noted for their ability to defeat anti-malware efforts targeted at their "products" within an hour of the anti-malware's release. There is reason to believe their "products" are capable of successfully hiding from anti-malware software as well.
I don't know enough about. the threat to know how it is propagated or how it works to comment knowledgeably, but there is also the possibility that like the ongoing vulnerability of Intel, ARM, an other CPUs a permanent "cure" or "protection" will require developing and replacing hardware, firmware, and existing internet protocols.