Security Operations, Threat Intelligence, AI/ML, Identity, Phishing, Email security

Cloudflare report: Cybercrime industrialized with AI and cloud exploitation

Holographic digital shield with warning sign hovers over glowing circuit board. Cybersecurity threat detection system uses futuristic tech for network protection. Data safety alert.

Cybercrime has reached full industrial scale, with attackers weaponizing the internet's openness and the connective tissue of cloud and software-as-a-service platforms to move faster and more efficiently than ever, according to a new report from Cloudflare Inc. The inaugural 2026 Cloudflare Threat Report analyzes telemetry from a network that processes over 20% of global internet traffic and blocks more than 234 billion threats daily, as reported by Silicon Angle.

The report highlights a shift towards stealth and efficiency, with threat actors prioritizing speed, automation, and return on effort over complex exploits. Generative AI is a significant force multiplier, used for creating phishing lures, bridging knowledge gaps in enterprise software, and accelerating exploit development. While email remains a primary entry point, with nearly half of analyzed emails failing DMARC validation, industrialized phishing-as-a-service operations are offering solutions that harvest live session tokens.

Distributed denial-of-service attacks have become hypervolumetric, reaching 31.4 terabits per second. Business email compromise attempts exceeded $123 million in 2025, with attackers targeting amounts around $49,000 on average. Nation-state actors, including China-linked groups, are targeting North American telecommunications and government services for long-term pre-positioning, while North Korean operators use deepfakes and laptop farms for revenue generation.

The report argues that defenders must adopt equally automated, system-level resilience, pivoting from reactive, infrastructure-centric defense to a proactive, identity-centric resilience model. The identity layer has become the primary battleground due to session hijacking, SaaS supply chain abuse, and AI-accelerated intrusions. Recommendations include stricter enforcement of email authentication standards like DMARC, SPF, and DKIM, tighter controls on SaaS integrations and API keys, and expanded use of zero-trust principles, including biometric verification and geofencing for remote access.

Source: Silicon Angle

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds