Cloudflare marks 12 years of Project Galileo with threat report

Cloudflare has marked the 12th anniversary of Project Galileo, its initiative providing free cybersecurity services to at-risk civil society organizations, by releasing its first comprehensive report on cyber threats targeting these groups. The program, which now protects more than 3,400 websites across 120 countries, has become a critical resource for journalists, human rights defenders, and nonprofits operating in high-risk environments. This year’s milestone includes new data, case studies, and partnerships aimed at expanding protections for vulnerable groups globally.

Threat landscape for civil society

The newly published report leverages Cloudflare’s network data, which spans 335 cities in 125 countries and processes traffic for over 20% of the web, to compare cyber threats faced by civil society organizations against broader internet trends. The findings highlight a stark disparity: civil society groups are targeted more frequently and with greater intensity than typical internet users. Attacks often coincide with key moments in their work, such as the release of investigative reports or public advocacy campaigns.

DDoS attacks emerged as the most common threat, with some lasting for days or weeks. Civil society organizations also faced website vulnerability exploitation attempts at a rate more than seven times higher than other Cloudflare customers. Media organizations were particularly affected, with journalists operating in exile experiencing malicious traffic at nearly four times the rate of journalism organizations overall. Phishing was another persistent issue, with nearly 10% of emails processed for civil society containing potential phishing material.

The report concludes with a call to action for the industry, urging the adoption of simple, affordable cybersecurity tools, greater transparency around cyberattacks and internet shutdowns, and the integration of AI and post-quantum protections into security products by default.

Expanding reach and partnerships

Project Galileo’s growth has been supported by 59 civil society partners, who review and approve applications to the program. These partners, which include organizations like the International Center for Journalists and NGO-ISAC, play a crucial role in ensuring the program’s resources reach deserving groups. This year, Cloudflare added three new partners focused on supporting journalists: the International Center for Journalists, Media Cluster Norway, and NGO-ISAC.

The program has also prioritized expanding its reach beyond North America and Europe. Efforts include attending regional events like RightsCon in Costa Rica (2023) and Taiwan (2025) to engage with local digital rights organizations. Recent additions to the partner network, such as EngageMedia and the OpenCulture Foundation in the Asia-Pacific region, reflect this focus. Cloudflare has also introduced new services to help local news organizations protect their content from AI crawlers, further supporting journalism in vulnerable contexts.

Case studies and future direction

Alongside the report, Cloudflare released 16 case studies detailing the security needs of Project Galileo participants. These include organizations like the SHARE Foundation in Serbia, which advocates for digital rights, and the Ukraine War Archive, which documents evidence of war crimes. Other participants range from research groups like the Bulletin of Atomic Scientists to nonprofit media outlets like elTOQUE, an independent Cuban digital media platform.

Looking ahead, Cloudflare plans to produce the threat report annually, enabling long-term trend analysis. The company remains committed to expanding protections for at-risk groups, with a focus on regions where civil society faces heightened threats. For organizations seeking support, Project Galileo continues to accept applications through its network of partners.