Cloudflare, the global leader in internet security and content delivery, has revealed in its fifth annual Impact Report that it blocked an astonishing 9.9 billion cyber attacks per month in 2025—primarily targeting journalists, human rights defenders, and nonprofit organizations worldwide. This unprecedented figure highlights the escalating digital threats faced by public interest groups, and underscores the critical role played by Cloudflare’s Project Galileo in defending vulnerable internet properties against malicious actors.
Project Galileo: Shielding the Vulnerable
Project Galileo, launched by Cloudflare in 2014, is a free initiative designed to protect at-risk public interest groups—including journalists, human rights advocates, and humanitarian organizations—from distributed denial-of-service (DDoS) attacks and other cyber threats. Over the past decade, Project Galileo has expanded its reach to more than 3,000 internet properties across 120+ countries, providing robust, unmetered DDoS protection at no cost. These groups often lack the resources and technical expertise to fend off large-scale attacks, making them prime targets for those seeking to silence dissenting voices or disrupt essential services.
The Scale of Cyber Attacks in 2025
The 2025 Impact Report details a dramatic surge in attacks against independent media and civil society organizations. On average, Cloudflare blocked 290 million attacks per day—amounting to 9.9 billion monthly attacks—against the sites protected under Project Galileo. This represents a staggering 241% increase compared to the previous year, reflecting a growing trend of cyber aggression aimed at undermining free expression and critical information. Journalism organizations were the most targeted, with more than 97 billion malicious requests blocked, followed by human rights and civil society groups with 8.9 billion blocked attacks.
Types of Attacks and Tactics
The attacks mitigated by Cloudflare are not limited to simple DDoS floods. They include sophisticated Layer 7 (application-layer) DDoS requests, as well as threats blocked by the web application firewall (WAF), such as SQL injection and cross-site scripting (XSS) attacks—commonly targeting input fields like donation forms or comment boxes. Attackers are increasingly using varied methods, including both steady, low-intensity assaults and short, high-intensity bursts, in an effort to evade detection and mitigation. Notable incidents include a 28-billion-request attack on the Belarusian Investigative Center in September 2025 and a 12-day assault totaling over 2.7 billion requests against Tech4Peace, a human rights organization focused on digital rights.
Real-World Impact: Case Studies
One of the most high-profile cases involved Meduza, an independent journalism website covering Russia and the former Soviet Union. On October 11, 2023, Meduza faced a massive DDoS attack peaking at 7 million requests per second, with a total of 1.9 billion requests mitigated on that day alone. Such attacks are not isolated incidents; they often coincide with geopolitical events, such as the Israel-Hamas conflict, when there is a noticeable spike in cyber aggression against media and civil society groups.
Another example is EngageMedia, a nonprofit organization in the Asia-Pacific region that brings together advocacy, media, and technology to promote digital rights and democracy. Cloudflare’s protection enabled EngageMedia to continue its mission despite facing coordinated cyber threats, and the company also collaborated with Cloudflare on a 2025 Tech Camp for Human Rights Defenders, bringing together activist-technologists from across Asia-Pacific.
Why Journalists and Nonprofits Are Targeted
Journalists and nonprofit organizations are frequently targeted because they serve as watchdogs and advocates for transparency, accountability, and human rights. Cyber attacks against these groups are often intended to silence them, disrupt their operations, and prevent the public from accessing vital information. For organizations with limited budgets and small teams, even a brief outage can have severe consequences, halting critical services and undermining trust in their work.
The Role of Cloudflare’s Technology
Cloudflare’s ability to block such a massive volume of attacks is rooted in its global network infrastructure, which spans over 300 cities worldwide. The company’s advanced DDoS mitigation systems, combined with real-time threat intelligence and automated response protocols, allow it to absorb and neutralize attacks before they can reach their targets. Project Galileo’s free protection ensures that even the smallest organizations can maintain their online presence and continue their missions, regardless of the scale of the threats they face.
Growing Threats and Evolving Defenses
The surge in attacks is not just a technical challenge; it reflects broader societal trends. As digital platforms become more central to public discourse, the stakes for controlling or disrupting those platforms have risen. Cyber attackers are increasingly sophisticated, leveraging automation, artificial intelligence, and large botnets to launch coordinated assaults. In response, Cloudflare and other cybersecurity providers are constantly evolving their defenses, investing in machine learning, behavioral analysis, and threat-sharing initiatives to stay ahead of emerging threats.
The Human Cost of Cyber Attacks
Behind the statistics are real people and organizations whose lives and livelihoods are affected by cyber attacks. For journalists, being taken offline means losing the ability to report on critical issues, while nonprofits may be unable to provide essential services or communicate with their communities. The psychological toll is also significant, as staff members must constantly contend with the stress and uncertainty of potential attacks, diverting time and energy away from their core missions.
Looking Ahead: The Future of Digital Defense
As the digital landscape continues to evolve, the need for robust cybersecurity measures will only grow. Cloudflare’s Project Galileo stands as a model for how technology companies can support vulnerable groups and protect free expression online. However, the fight against cyber attacks is far from over. Governments, civil society, and the private sector must work together to strengthen digital defenses, promote digital literacy, and ensure that the internet remains a safe and open space for all.
Final Words
The 2025 Impact Report from Cloudflare paints a sobering picture of the digital threats faced by journalists, human rights defenders, and nonprofit organizations worldwide. With 9.9 billion attacks blocked per month—primarily targeting these vulnerable groups—the scale of cyber aggression is unprecedented. Project Galileo’s free protection has been instrumental in shielding these organizations, but the battle for digital security is ongoing. As technology advances, so too must our defenses, ensuring that the internet remains a platform for free expression, transparency, and accountability.
