A large-scale and persistent campaign of cyberattacks targeting organizations with ties to Japan has been identified. Symantec researchers have discovered the campaign, which uses the recently discovered ZeroLogon vulnerability, linking it to exploits against companies in the industrial, automotive, pharmaceutical and engineering sectors. The latest wave of attacks has been going on since at least mid-October 2019 and only ended last month. The target companies are all known entities, many of which have ties to Japan, which is the modus operandi of this group. APT10 was known to target Japanese companies in previous attack campaigns. "The scale and sophistication of this attack campaign indicate that it is the work of a large and well-resourced group, with Symantec, a division of Broadcom, discovering enough evidence to attribute it to Cicada (aka APT10, Stone Panda, Cloud Hopper)," the Symantec Threat Hunter team explained. "Cicada has been involved in espionage operations since 2009, and US government officials have linked the activities of APT10, which we follow as Cicada, to the Chinese government."