Deep Panda began attacking the healthcare, aerospace, and energy sectors around 2012. Deep Panda is believed to be a Chinese state sponsored group. Symantec believes that Black Vine may be affiliated with a Beijing IT security organization called Topsec. Topsec is a research institute with sites across China. Topsec focuses on information security research, training, auditing, and security products. It also hosts a hacking competition (from which they hire hackers). It is possible that some members of Topsec are affiliated with Deep Panda.

Deep Panda attacks tend to have massive impacts and they accrue proportional media attention. In order to conduct multiple sizable campaigns against United States Federal government agencies and major western health care providers for extended time periods, Deep Panda must have considerable resources at their disposal. In illustration, it is possible that Deep Panda was concurrently engaged in cyber-attacks against the United States Office of Personnel Management, the Anthem healthcare network, United Airlines, and other entities. In December 2015, the Chinese government announced that it had arrested the actors behind the OPM breach and that Deep Panda was not responsible. Many in the political and cybersecurity spheres remain skeptical that the arrests are legitimate.