More than half of all state-sponsored cyberattacks aimed at the US technology sector are coming from one place. And they’re after one thing.
CrowdStrike’s 2026 Technology Threat Landscape Report found that China-linked adversaries were responsible for 58% of state-sponsored cyber intrusions targeting US tech companies, with artificial intelligence assets and intellectual property sitting squarely in the crosshairs. The report covers activity from April 1, 2025, through March 31, 2026.
Five panda-named groups are doing the heavy lifting
CrowdStrike identified five distinct China-nexus threat groups driving the campaign: MURKY PANDA, MUSTANG PANDA, OVERCAST PANDA, SUNRISE PANDA, and WARP PANDA. Each group targeted the technology sector more aggressively than any other industry, reflecting Beijing’s broader strategic push toward technological self-sufficiency.
MURKY PANDA stood out as particularly prolific. Its password-spraying operations alone compromised more than 340 US-based entities.
