Symantec has strong indications of attacker activity in organisations in the US, Turkey, and Switzerland, with traces of activity in organisations outside of these countries. The U.S. and Turkey were also among the countries targeted by Dragonfly in its earlier campaign, though the focus on organisations in Turkey does appear to have increased dramatically in this more recent campaign.