Cloudflare blocked 38.5 billion attacks on civil society groups in the past year

Cloudflare Inc. mitigated 38.5 billion cyberattacks against civil society organizations over the past year, the company said in a report out today, and most of it was one kind of attack: Distributed denial-of-service floods made up 81.7% of the malicious traffic.

The data comes from Project Galileo, which Cloudflare started in 2014 to give independent media, human rights groups and nonprofits free protection from the kind of attacks meant to knock them offline. The program now covers more than 3,400 organizations in 120 countries. Last year’s haul of 38.5 billion blocked attacks averaged out to 105 million a day.

What set the civil society attacks apart was not their size but how long they lasted. When Cloudflare’s wider customer base gets hit with this type of DDoS attack, three-quarters of the incidents are over inside 10 minutes. Galileo participants did not get off so easily. The biggest attacks against them dragged on for days, in some cases weeks.

The chunked structure of those campaigns pointed to deliberate intent, according to the report. By sending traffic in short bursts separated by pauses, attackers could fall out of scope of automated defenses, study which rules triggered and adjust their signatures before resuming. One eight-day attack against Tech4Peace, an Iraq-based digital rights group, featured more than 2.6 billion malicious requests and followed the group’s publication of an article debunking an artificial intelligence-generated image of a Syrian politician.