Cloudflare Introduces Threat Intel Team

Cloudforce One exposes threat actors targeting governments, defence sectors, and critical infrastructure – while giving organisations insights needed to execute offensive and defensive security strategies.

Cloudflare, Inc., a connectivity cloud company, announced its threat intelligence team, Cloudforce One, will make its research public for the first time ever as part of a commitment to democratise access to critical threat insights.

Combining the expertise of the Cloudforce One team with the company’s global network, security teams can now access timely information on the malicious tactics and trends that underpin the 158 billion threats Cloudflare’s network blocks daily.

Threat actors are mission driven. Motivated by efficiency and profit, they continuously shift tactics to uncover novel ways to pull off sophisticated and successful exploits. The result is a constantly evolving, complex, and overwhelming threat landscape, reflected by the projection of cybercrime to hit an annual $10.5 trillion in 2025.

As security teams work to juggle and combat the risks that have led to a 72% increase in data breaches over the past few years, access to threat intelligence has never been more critical. It provides clarity around the causes of these breaches and proactive measures to prevent them, so security leaders can make more informed decisions that move the needle towards resilience.

“We believe in helping build a more secure, reliable Internet. But that can’t exist unless we disrupt and drain the resources of the hackers who abuse its power for personal or political gain,” said Matthew Prince, CEO and cofounder at Cloudflare. “Today, Cloudflare is giving defenders a leg up in the race, by committing to continuously share nuanced threat intelligence that no other company has access to, with the industry at large.”

Cloudflare’s Threat Intelligence Portal provides a centralised view across the entire threat landscape. Through Cloudforce One, Cloudflare now offers its own experts to help identify and respond to emerging threats, while also providing real-time reconnaissance. Today, the Cloudforce One team published deep insight on:

  • A South Asia-focused threat actor targeting governments, defence sectors, and critical infrastructure: Deemed “SloppyLemming,” this threat actor has been carrying out attacks predominantly targeting Pakistan. SloppyLemming primarily leverages credential harvesting techniques—e.g., tactics that involve stealing personal or financial data from users—to exploit its targets.
  • Increased attacks on the global supply chain – freight fraud is on the rise: Since January 2024, the organisations that connect shippers with goods have seen a sizable uptick in fraudulent attacks. One Fortune 500 food and beverage customer has experienced about 10 of these incidents consistently every month since the start of the year. The most widely used technique to execute attacks on these organisations is “double-brokering,” a man-in-the-middle method where a threat actor impersonates a transport company to capture payment for deals.

“Threat intelligence is non-negotiable when it comes to tipping the scale back in favour of defenders. And with Cloudflare’s global network as our foundation, Cloudforce One identifies and defends against attacks with an arsenal that is unmatched,” said Blake Darché, Head of Cloudforce One at Cloudflare. “In this new era of threat intelligence, Cloudforce One is perfectly positioned to detect and degrade today’s threat actors who erode trust and wreak havoc.”