The era of attacks seeking brute force entry into systems is fading according to a new report. In its place is a model of high-trust exploitation that prioritizes results at all costs.
Cloudflare has produced its first Threat Report to help equip defenders with a strategic roadmap for this new era. It reveals that threat actors are using DDoS attacks of unprecedented scale, leveraging AI systems to exploit vulnerabilities, and continuing to strike at traditional weak spots like email to find ways to ‘log in’ rather than ‘break in.’
Threat actors are actively targeting legitimate SaaS, IaaS, and PaaS tools such as Google Calendar, Dropbox, and GitHub to camouflage malicious actions within benign enterprise activity.
They’re also using Large Language Models (LLMs) to map networks in real-time, develop new exploits, and create hyper-realistic deepfakes. Cloudforce One tracked a threat actor who leveraged AI to help identify the location of high-value data. This allowed the actor to compromise hundreds of corporate tenants — high-volume SaaS applications that allow multiple organizations to share resources — in one of the most impactful supply chain attacks seen.
“Hackers thrive on the gaps left by fragmented, stale threat intelligence. At Cloudflare, we’ve built the largest and most comprehensive global sensor network that gives us a front-row seat to threats invisible to everyone else,” says Matthew Prince, co-founder and CEO of Cloudflare. “By sharing this intelligence with the world, we’re plugging the gaps and shifting the advantage back to the defenders. The result is a safer, more reliable Internet, where it is fundamentally more difficult and expensive for hackers to operate.”
The report also highlights that North Korean operatives are using AI-generated deepfakes and fraudulent IDs to bypass hiring filters, embedding state-sponsored workers directly into Western corporate payrolls. Using US-based ‘laptop farms,’ these threat actors are masking their true location.
“Threat actors are constantly changing tactics, finding new vulnerabilities to exploit and ways to overwhelm their victims. To avoid being caught off guard, organizations must shift from a reactive posture to one fueled by real-time, actionable intelligence,” says Blake Darché, head of threat intelligence, Cloudforce One at Cloudflare. “This report is a North Star for understanding the scale of attacks, and how threat actor aggression and techniques are shifting. The message to defenders is simple: lead with intelligence or risk falling behind in a race where the stakes have never been higher.”
You can read more and get the full report on the Cloudflare blog.
Image credit: denisismagilov/depositphotos.com
