Rights group calls on Thai government to end alleged cyberattacks against civil society

Human rights nonprofit Amnesty International urged Thai authorities this week to investigate claims of state-sponsored cyberattacks against human rights organizations and pro-democracy activists following the leak of internal government documents that seemingly detailed such an operation. 

The documents, revealed by opposition lawmaker Chayaphon Satondee during a parliamentary debate last month, describe a coordinated campaign by Thai police and military units operating a joint “Cyber Team” tasked with undermining civil society organizations, including Amnesty International, through phishing attacks, social media manipulation and disinformation.

According to the leaked materials, the team identified Amnesty as a “high-value target” and sought to discredit the organization’s work, particularly during politically sensitive periods such as the country’s 2023 general election. Other groups reportedly named in the documents include international NGOs, local civil society networks and prominent democracy advocates.

“These cyberattacks are an outrageous assault on Thailand’s civic space,” said Chanatip Tatiyakaroonwong, Amnesty International’s Thailand researcher. “The government must disclose the full extent of state involvement and ensure accountability for those responsible.”

The Thai government has denied the allegations. A government representative speaking during the parliamentary session dismissed claims of state involvement in any cyber campaign.

In a statement earlier this week, Amnesty said the leaked documents align with patterns it has long observed in Thailand, where digital repression — including surveillance, smear campaigns and harassment — has increasingly been used to silence dissent. The organization highlighted past instances of gender-based abuse targeting women and LGBTI activists, including online attacks against former Amnesty Thailand director Piyanut Kotsan.

Darika Bamrungchok, Southeast Asia policy analyst at digital rights group Access Now, said that this operation, if confirmed, would reflect a broader regional trend of state-aligned actors leveraging digital technologies to suppress dissent and restrict civic space while avoiding direct attribution.

“These incidents appear to mark a shift from the use of formal legal tools — such as the Computer Crime Act — toward more covert and asymmetric digital tactics, including digital surveillance, social media manipulation, and reputational attacks,” she told Recorded Future News.

The Computer Crime Act addresses cybercrimes such as hacking, online fraud and the dissemination of illegal content in Thailand. The law has been controversial at times, particularly regarding its broad interpretation of what constitutes harmful content, which some critics argue could be used for censorship or to suppress free speech.

Access Now was not named among the targets of the alleged Thai government cyber operations, according to Bamrungchok.

Thai officials have not commented further on the documents since the parliamentary debate. Recorded Future News was unable to verify the authenticity of the leaked materials.