To mark the 12th anniversary of Project Galileo, Cloudflare has published its first comprehensive report analyzing cyberattacks against civil society organizations. The report sheds light on the evolving threat landscape targeting human rights groups, independent media, and other at-risk entities protected under the program.
Key findings and updates from the report include:
- Over 2.6 TB of attack traffic mitigated daily for Project Galileo participants, with DDoS attacks remaining the most common vector, accounting for 39% of all mitigated requests.
- The average attack duration increased by 25% year-over-year, indicating more persistent adversaries. The longest single attack lasted 72 hours and targeted a human rights blog.
- Layer 7 attacks (application-layer) grew by 40% compared to 2023, with common patterns including HTTP floods and GET requests mimicking legitimate traffic.
- Geopolitical targeting is on the rise: organizations in Latin America and Asia-Pacific experienced a 60% increase in attacks, often coinciding with elections or social unrest.
- New auto-mitigation rules were introduced, using machine learning to identify and block low-and-slow attacks without manual intervention.
- Cloudflare expanded the program’s scope: 360 organizations across 60+ countries now receive free security services, up from 300 last year.
For developers, this report highlights the critical need to build resilient applications that can withstand sophisticated attacks. The shift to automated defense mechanisms and AI-powered threat detection means that integrating Cloudflare’s Security APIs (e.g., POST /client/v4/firewall/rules) can help civil society projects stay protected without dedicated security teams. The increase in Layer 7 attacks also underscores the importance of rate limiting and WAF rules for any public-facing web application.
The full dataset and analysis are available to inform community best practices. Source: https://blog.cloudflare.com/celebrating-12-years-of-project-galileo/