The report identifies four different methods of cyber attacks that are being utilized. These include the use of fake social media accounts to deliver malicious surveillance technologies to human rights defenders, phishing attempts to steal human rights defenders' Facebook and Google credentials, malware known as Crimson that is used for long-term surveillance, and spyware known as StealthAgent that "can intercept phone calls and messages,steal pictures, and track victims' locations once installed on a victim's Android phone."
Some malicious emails have been identified as being as early as mid-2016. Some of the attacks are stated as being "extremely personalized and well crafted." Some of the attacks come from profiles who claim to work in social justice.
Amnesty has called on the government of Pakistan to condemn the attacks and to investigate the attacks. Amnesty also called on the government of Pakistan to condemn the use of enforced disappearances in the country.
Pakistan has been previously accused of violating human rights. In March 2017 Pakistan renewed [JURIST report] the ability to use military courts against civilians accused of terrorism, which Human Rights Watch has stated violates human rights. Pakistan had approved [JURIST report] a cyber security law in August 2016 which Human Rights Watch stated could hinder free speech and privacy,