Cyberattacks increasingly aimed at civil society organisations are expanding beyond the types of threats traditionally associated with governments and large enterprises, according to new data published by Cloudflare.
The company has released its latest Project Galileo report to mark the initiative’s 12th anniversary, detailing cyber threats faced by organisations working in the public interest worldwide, including groups operating in Australia and across the Asia-Pacific.
Cloudflare said it blocked 38.5 billion malicious requests targeting participating organisations over the past year, which it described as an average of more than 105 million attacks per day.
According to the report, Project Galileo supports 59 organisations globally. Cloudflare said APAC accounts for 12% of participants, with Australian organisations making up around 4%, including Humanitix and Activists Rights.
The report covers activity between February 1, 2025, and January 31, 2026. Cloudflare said organisations protected under Project Galileo in every region and sector were targeted during the period.
Cloudflare reported that distributed denial-of-service (DDoS) attacks were the most common threat faced by Project Galileo participants, accounting for 81.6% of overall malicious traffic requests. Human rights organisations experienced the highest volume of DDoS activity, it said.
The company also said attackers attempted to exploit weaknesses in websites’ code to gain access to internal systems. Cloudflare’s web application firewall blocked 7 billion “vulnerability-type” requests, with journalistic organisations receiving the highest volume of these threats at 2.85 billion requests, according to the report.
Email-based threats were also highlighted. Cloudflare said that across 73 Project Galileo participants, it identified 1.2 million malicious emails, and that 30.2% bypassed three common authentication methods—described in the report as “nearly 1 in 3.”
Separately, Cloudflare said it identified 85 government-directed internet outages, representing 46% of all disruptions it could identify across its global network. The company said the restrictions frequently coincided with elections, protests and student exams.
You can read the full report here.
