VERY IMPORTANT

This group, also known as Judgment Panda (CrowdStrike) and Zirconium (Microsoft), has been active since at least 2016. The group is presumed to be of Chinese origin, providing data to the Chinese government and state-owned enterprises to achieve political, economic, and military advantages. Cyberespionage is of key interest. The attackers' targets include the government sector, aerospace and defense enterprises, as well as international financial companies and the high-tech sector. In different years, the group's victims have included the government of Finland and, it is presumed, the governments of Norway and Germany too.