Cloudflare Reports 81.7% Surge in DDoS Attacks Targeting Civil Society Organizations Worldwide

On the twelfth anniversary of Project Galileo, Cloudflare released its annual report titled Defending the Front Line: Insights from a Year of Protecting Civil Society. The report reveals a concerning rise in cybersecurity threats faced by vulnerable organizations globally, driven by geopolitical tensions, elections, civic unrest, and increasingly sophisticated cybercrime.

Project Galileo provides free cybersecurity protection to over 3,400 internet properties across more than 130 countries. This initiative aims to safeguard journalists, human rights advocates, independent media, environmental organizations, and humanitarian groups from cyberattacks. The findings indicate that civil society organizations across various regions and sectors have experienced cyberattacks, underscoring the growing digital risks that threaten democracy, accountability, and public welfare.

Key Findings from the Report

The report outlines several critical findings regarding the cybersecurity landscape for civil society organizations:

1. DDoS Attacks Dominate Cyber Threats
   Distributed-denial-of-service (DDoS) attacks have emerged as the most prevalent cyber threat against civil society organizations under Project Galileo, accounting for 81.7% of all malicious traffic. These attacks are characterized by their duration; while most are mitigated within minutes, many significant attacks last for days or even weeks. For instance, the Iraq-based digital rights organization Tech4Peace faced an eight-day-long DDoS attack involving 2.6 billion malicious traffic requests.
2. Frequent Attacks on Media Organizations
   Cloudflare blocked a malicious request targeting a media organization every seven seconds on average. Civil society organizations experienced attempts to exploit security vulnerabilities at a rate more than seven times higher than other Cloudflare customers. Media organizations, including journalists, were particularly vulnerable, receiving 40.5% of attacks despite making up only 22.7% of the overall population.
3. Increased Threats to Exiled Journalists
   Journalists operating in exile faced a rate of malicious traffic nearly four times higher than that of journalism organizations overall. Attacks were often focused on specific targets. For example, in December 2025, elTOQUE, a Cuban media outlet in exile, suffered a DDoS attack believed to be a deliberate attempt to restrict access to a tracker comparing the Cuban peso with foreign currencies.
4. Phishing Threats on the Rise
   Nearly 10% of all emails processed by Cloudflare for civil society organizations contained potential phishing material. Compared to other Cloudflare customers, civil society organizations faced a higher concentration of malicious emails aimed at unauthorized access. Traditional authentication protocols left these organizations vulnerable, with nearly one in three emails containing malicious content bypassing standard authentication methods. However, Cloudflare’s more sophisticated phishing detection tools successfully identified these threats.
5. Government-Attributed Internet Disruptions
   Cloudflare identified 183 Internet disruptions across its global network, with 85 attributed to government action. These disruptions often coincided with elections, protests, and student exams. In countries like Iran and Uganda, civil society organizations reported that shutdowns hindered their ability to reach affected communities, document abuses, and disseminate independent information.

Regional Implications and Context

Ercan Aydin, AVP for the Middle East, Türkiye, and Africa at Cloudflare, noted the rapid digital transformation in the region, which has increased exposure to cyber threats. Organizations supporting independent journalism, digital rights, humanitarian initiatives, and public-interest causes are increasingly operating in complex threat environments. The findings from this year’s Project Galileo report highlight the necessity of providing these organizations with access to enterprise-grade cybersecurity protections, enabling them to continue serving communities and supporting social and economic development across the region.

The report also highlights specific examples from the Middle East, including sustained attacks against Tech4Peace, which faced multiple DDoS campaigns linked to high-profile publications and fact-checking efforts.

As cyber threats continue to evolve, Cloudflare remains committed to assisting civil society organizations in building resilience against attacks that aim to silence voices, disrupt services, and undermine access to information.

For further insights into the growing cybersecurity threats faced by civil society organizations, refer to the original reporting source: cyberwarriorsmiddleeast.com.

For ongoing coverage and breaking updates, visit our Latest News section.

Published on 2026-06-21 23:43:00 • By the Editorial Desk