Cyber Incident Victim: Thai Ministry of Defence
Date:
Dec 2016
Location:
Thailand
Summary
Anonymous hackers conducted DDoS attacks against Thai government websites, including the defence ministry, in retaliation for restrictive internet legislation enabling state surveillance and censorship without judicial oversight. The attacks disrupted access to multiple agencies' sites, with hackers leaking stolen documents, though officials claimed preparedness and minimal impact while warning of potential risks to critical infrastructure. The government condemned the perpetrators as 'thugs,' while privacy advocates and international organizations criticized the law's threats to online freedoms and human rights.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 2 techniques |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On December 16, 2016, hackers associated with the Anonymous collective executed distributed denial-of-service (DDoS) attacks against multiple Thai government websites in response to the passage of amendments to the country’s Computer Crime Act. The military-appointed legislature had unanimously approved the legislation earlier that day, granting authorities expanded powers to monitor private communications, access online content without judicial oversight, and implement censorship measures. Primary targets included the Thai Ministry of Defence, whose website was rendered inaccessible during and after the attack, alongside the Ministry of Digital Economy and Society, the Prime Minister’s Office, and the Office of the National Security Council. Attackers disrupted normal operations by overwhelming these sites with traffic, though Thai defence officials publicly minimized the incident’s operational impact, asserting their systems were prepared for such disruptions. A hacker aligned with the campaign claimed responsibility on Twitter by posting screenshots of documents allegedly exfiltrated from compromised government systems.
The Thai government condemned the attacks, characterizing the perpetrators as “thugs” attempting to sow chaos and urging citizens to report any related suspicious activity. Officials warned that escalated attacks could inflict broader damage on critical infrastructure, including financial networks and transportation systems. Concurrently, privacy advocates and human rights organizations—including Amnesty International and the Thai Netizen Network—had petitioned against the cyber law amendments prior to their passage, arguing the provisions enabled disproportionate surveillance and threatened digital freedoms. The United Nations Office of Human Rights echoed these concerns, citing risks to online expression and privacy. Prime Minister Prayuth Chan-ocha defended the legislation as essential for combating harmful online content, framing it as a necessary tool for national security despite sustained criticism over its potential for abuse. The Defence Ministry’s website remained offline following the attack, though no additional disruptions to military or civilian systems were formally acknowledged.