Cloudflare sees massive rise in attacks targeting media, nonprofits and human rights groups – News

A new report out today from Cloudflare Inc., marking the 11th anniversary of Project Galileo, reveals a sharp increase in cyberattacks targeting civil society organizations, with application-layer distributed denial-of-service attacks overtaking traditional web exploit attempts by a wide margin.

Project Galileo is a Cloudflare program that offers free cybersecurity protection to at-risk public interest organizations, such as independent media, human rights groups and nonprofits. The program, launched in 2014, helps safeguard vulnerable groups from cyberattacks such as DDoS and web exploits, enabling them to stay online and continue their critical work.

The report reveals that in the 11 months to March 31, Cloudflare blocked a staggering 108.9 billion threats aimed at Galileo-protected organizations, up 241% from the previous year. That works out to an average of 325.2 million attacks per day.

The most targeted groups were found to be independent media organizations and journalists, which accounted for more than 97 billion blocked requests across 315 outlets. Civil society and human rights organizations ranked second, with nearly 9 billion requests. The spike in attacks follows an increasingly hostile global climate for activists, NGOs and journalists, particularly in regions under authoritarian pressure or rule.

The report highlights attacks against environmental and disaster relief groups, with more than 1 billion malicious requests blocked. These organizations, which often serve as critical information hubs during emergencies, faced persistent DDoS threats that could disrupt life-saving updates and operations.

Social welfare organizations, including those providing healthcare, education and food security, were hit with 1.5 billion attacks over the same period. One highlighted incident targeted a Polish healthcare charity just one day before its major annual fundraiser, highlighting how timing is often used to maximize disruption.

The report does a deep dive into several complex, multi-day attacks that varied in intensity and tactics. A 12-day campaign against Tech4Peace, a digital rights group, combined prolonged lower-intensity traffic with short, high-burst assaults, indicating a calculated effort to test and bypass defenses.

Cloudflare also observed coordinated attacks on Ukrainian public safety websites during major Russian drone strikes. Sites including Ukrainealarm.com and alerts.in.ua were targeted with tens of millions of requests, likely in an attempt to hinder access to real-time alert systems during active conflict.

“Unfortunately, many human rights groups, especially smaller ones, lack the resources to implement strong cybersecurity defenses, making cyberattacks an easy attack vector for those aiming to undermine their efforts,” the report and accompanying blog post state. “Helping protect these organizations and allowing them to focus on their work is a fundamental part of helping build a better internet.”

Image: News/Reve