Monday Morning Impact – April 6

Published On: April 5, 2026Categories: Buzz

Study: Nation-State Actors and Cybercriminals Shift from ‘Breaking In’ to ‘Logging In’

Cloudflare, Inc., a San Francisco-based cloud connectivity company, has issued a new research report suggesting that threat actors are using DDoS attacks of unprecedented scale, leveraging AI systems to exploit vulnerabilities, and continuing to strike at traditional weak spots like email to find ways to “log in” versus “break in.”

The inaugural 2026 “Cloudflare Threat Report” says that cybercriminals are not just crashing websites via DDoS; they are quietly infiltrating payroll systems and tricking software into trusting them. Threat actors are using Large Language Models (LLMs) to map networks in real-time, develop new exploits, and create hyper-realistic deepfakes.

State-sponsored actors, specifically Salt Typhoon and Linen Typhoon, have shifted focus toward North American telecommunications, government entities, and IT services. These actors are shifting from traditional espionage to persistent pre-positioning — the act of installing code on the network or system of a rival state to allow for future attacks within U.S. critical infrastructure.

The report also says that North Korean operatives are using AI-generated deepfakes and fraudulent IDs to bypass hiring filters, embedding state-sponsored workers directly into Western corporate payrolls. Using U.S.-based “laptop farms,” these threat actors are masking their true location.

Meanwhile, large-scale botnets like Aisuru have evolved into nation-state level threats capable of taking down entire country’s networks. With record-breaking attacks reaching 31.4 Tbps, these high-speed strikes now demand fully autonomous defenses.

“Threat actors are constantly changing tactics, finding new vulnerabilities to exploit and ways to overwhelm their victims,” said Blake Darché, head of threat intelligence at Cloudflare. “To avoid being caught off guard, organizations must shift from a reactive posture to one fueled by real-time, actionable intelligence.”

The company says the report leverages telemetry from Cloudflare’s global network, which protects approximately 20% of the web, to drive threat research and operational response.

Channel Impact^®
This report helps partners to understand the scale of attacks, and how threat actor aggression and techniques are shifting.

Quest Software: More than 75% of Global Organizations Are Not Testing Identity Disaster Recovery Frequently Enough

Quest Software, an Austin, Texas based company specializing in data management, cybersecurity, and platform modernization, has released findings from its annual global security survey examining how organizations approach Identity Threat Detection and Response (ITDR). The survey found that more than 75 percent of organizations are not practicing disaster recovery plans in the recommended six-month timeframe, while 24 percent state they never practice it at all.

According to Quest, identity has become the primary attack surface, and the sprawl of identities across on-premises, hybrid, and cloud environments have expanded organizations’ need to better protect their environments. This has created complications with the rise of AI-led attacks, including model theft, automated attacks, and the poisoning of data. The rapid growth of non-human identities has frequently outpaced visibility and guidance, making it even more difficult for organizations to manage identity security, with an estimated 82:1 ratio of machine identities to human identities.

In a multiple-choice selection, 51 percent of respondents said that non-human identities were the most difficult to secure, with 49 percent claiming third party and partner accounts, 47 percent stating service accounts, and 46 percent saying legacy systems, highlighting the expansion of identity areas to secure.

Quest’s annual ITDR survey also revealed that, since last year, more organizations now have an ITDR practice in place, with 57 percent of respondents saying they did compared to 48 percent a year ago. Similarly, there was an increase in organizations receiving benefits from ITDR, with 92 percent agreeing to the benefits of an ITDR practice, compared to 84 percent in last year’s survey.

“Our survey findings make one point abundantly clear: identity security challenges are broad, interconnected, and steadily growing,” said Michael Laudon, Chief Product and Technology Officer, Quest Software. “Identity systems are at the center of most environments, connecting users, applications, data, automation, and cloud services. When those systems are compromised, attackers gain immediate access and, in many cases, control over how quickly an organization can respond and recover. Many organizations still lack full visibility into their identity landscape and struggle to manage expanding workloads across hybrid environments, and most teams are not validating recovery often enough to ensure rapid restoration after an attack.”

Many organizations are putting too much confidence in preventative controls, but are not as focused on response and recovery readiness, according to the company.

The State of ITDR survey was completed by 650 top global IT and security executives and practitioners about their approach to ITDR amid a rise in AI-driven attacks, an increase in non-human identities, growing recovery risk, new and changing regulatory environments, and managing expanding attack surfaces.

Channel Impact^®
Channel partners can find multiple ways to leverage the data in this report, including leveraging the details toward enhanced testing on behalf of their clients.

Anthropic invests $100 million into the Claude Partner Network

Anthropic has launched the “Claude Partner Network,” committing an initial $100 million to support partners leveraging the “Claude” AI model.

A significant proportion of the $100 million investment is promised to go directly to partners as direct support for training and sales enablement, and for market development, and co-marketing for joint campaigns and events. The company is also providing dedicated AI engineers to partners working on live customer deals, technical architects to scope more complex implementations, and localized go-to-market support in international markets.

Resources will be made available on a new partner portal, including training materials, sales playbooks, and other co-marketing documentation. Qualified partners will also be added to a Services Partner Directory, where enterprise buyers can find firms with Claude implementation experience.

The technical certification, known as the “Claude Certified Architect, Foundations,” is aimed at solution architects building production applications with Claude. Later this year, Anthropic plans to introduce additional certifications for sellers, architects, and developers.

In addition, the company is launching a Code Modernization starter kit, which gives partners a straightforward starting point for migrating legacy codebases and remediating enterprises’ technical debt. This is one of the highest-demand enterprise workloads, and one where Claude’s agentic coding capabilities most directly translate into client outcomes.

The new program is designed for management consultancies, professional services firms, specialist AI firms, and similar agencies. Alliances are also in place with major cloud providers, including AWS, Google Cloud, and Microsoft.

Channel Impact^®
The program is intended to help partners navigate deployment requirements, compliance, and change management necessary inside large organizations.

Stay in the Know

Keep tabs on what’s happening in the channel and the impact it will have on the partner community by subscribing to Channel Impact communications.