Security-related policy or legislation is enacted and then enforced to protect corporate, government or military interests. Civil organizations are often left flailing in the wind, fending for themselves with fewer IT resources and experience than a Middle America mom-and-pop operation. Yet these non-governmental—and not-for-profit—organizations have tasked themselves with helping those targeted by lethal adversaries who aren’t just after corporate secrets, but are out to deny people their freedom or, in some cases, their lives.

Tibetan activists in China as well as those living in exile around the world are being targeted by dangerous malware that not only steals data from infected computers, but also has graduated to reporting location data from mobile devices for surveillance purposes.

Researchers have noticed a spike in cyberattacks over the past few weeks targeting the Uyghur people, a Turkic ethnic group based primarily in China and Kazakhstan. The attacks have been exploiting a Microsoft Word vulnerability patched in June 2009, according to a Securelist post by Kaspersky Lab Senior Security Researcher Costin Raiu yesterday.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.