Cloudflare’s Project Galileo Report Highlights Surge in Attacks on Civil Society, Including Australian Targets
Cloudflare’s Project Galileo launched in 2014 to protect journalists, activists, and minority groups from cyber threats has revealed a sharp rise in attacks against civil society organizations, with Australian entities increasingly in the crosshairs. The latest report, covering February 1, 2025, to January 31, 2026, found that groups worldwide faced relentless targeting, with distributed denial-of-service (DDoS) attacks accounting for over 80% of incidents.
Globally, Cloudflare blocked 38.5 billion malicious requests against protected organizations, with 18% (6.9 billion) originating in the Asia-Pacific region an average of 18.9 million attacks per day. Despite representing only 12% of Project Galileo’s global beneficiaries, APAC organizations, including Australian groups like Humanitix and Activist Rights, faced disproportionate targeting, making up 4% of protected entities.
The report underscores that civil society groups endure seven times more website vulnerability exploit attempts than other Cloudflare customers. While most DDoS attacks on general users last minutes, those against civil society often persist for days or weeks, aligning with prior findings that nonprofits, religious institutions, and civic groups are among the most targeted.
Beyond DDoS, attackers employed multilayered tactics, such as using high-volume attacks to conceal vulnerability scans exemplified by a campaign against a global environmental organization during a climate conference in Brazil. Journalists bore a particularly heavy burden, suffering 40.5% of website vulnerability attacks despite comprising just 22.7% of protected users.
The findings highlight an escalating threat landscape where malicious actors, including hostile governments, intensify efforts to disrupt vulnerable groups through both brute-force and stealthy cyber operations.
Humanitix TPRM report: https://www.rankiteo.com/company/humanitix
"id": "hum1782433436",
"linkid": "humanitix",
"type": "Cyber Attack",
"date": "6/2026",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Civil Society',
'location': 'Australia',
'name': 'Humanitix',
'type': 'Nonprofit'},
{'industry': 'Civil Society',
'location': 'Australia',
'name': 'Activist Rights',
'type': 'Nonprofit'},
{'industry': 'Environmental',
'location': 'Global',
'name': 'Global environmental organization',
'type': 'Nonprofit'},
{'industry': 'Media',
'location': 'Global',
'name': 'Journalists',
'type': 'Individuals/Group'}],
'attack_vector': ['Network-based', 'Application-layer'],
'date_detected': '2025-02-01',
'date_publicly_disclosed': '2026-01-31',
'description': 'Cloudflare’s Project Galileo, launched in 2014 to protect '
'journalists, activists, and minority groups from cyber '
'threats, revealed a sharp rise in attacks against civil '
'society organizations, with Australian entities increasingly '
'targeted. The report covers February 1, 2025, to January 31, '
'2026, and found that groups worldwide faced relentless '
'targeting, with DDoS attacks accounting for over 80% of '
'incidents. Globally, Cloudflare blocked 38.5 billion '
'malicious requests, with 18% (6.9 billion) originating in the '
'Asia-Pacific region, averaging 18.9 million attacks per day. '
'Civil society groups endured seven times more website '
'vulnerability exploit attempts than other Cloudflare '
'customers, with attacks often persisting for days or weeks. '
'Beyond DDoS, attackers employed multilayered tactics, '
'including high-volume attacks to conceal vulnerability scans.',
'impact': {'brand_reputation_impact': 'Potential reputational damage to '
'targeted organizations',
'downtime': ['Days', 'Weeks'],
'operational_impact': 'Disruption of services for civil society '
'organizations',
'systems_affected': ['Websites']},
'investigation_status': 'Report published',
'lessons_learned': 'Civil society organizations are disproportionately '
'targeted, facing prolonged and multilayered attacks, '
'including DDoS and vulnerability exploitation. '
'Journalists and environmental groups are particularly '
'vulnerable.',
'motivation': ['Disruption', 'Political', 'Ideological'],
'post_incident_analysis': {'corrective_actions': ['Strengthened DDoS '
'protection',
'Increased monitoring for '
'civil society '
'organizations'],
'root_causes': ['Hostile government activity',
'Ideological motivations',
'Targeting of vulnerable groups']},
'recommendations': 'Enhanced protection measures for civil society, including '
'prolonged DDoS mitigation, vulnerability scanning, and '
'targeted support for high-risk groups like journalists '
'and activists.',
'references': [{'source': 'Cloudflare’s Project Galileo Report'}],
'response': {'containment_measures': ['DDoS mitigation', 'Attack blocking'],
'incident_response_plan_activated': 'Project Galileo protection '
'measures'},
'threat_actor': ['Hostile governments', 'Malicious actors'],
'title': 'Cloudflare’s Project Galileo Report Highlights Surge in Attacks on '
'Civil Society, Including Australian Targets',
'type': ['DDoS', 'Vulnerability Exploitation']}