Much of the technology that keeps the Internet functioning safely operates far from public view. Routing systems determine how data moves across networks. Domain name infrastructure helps people find legitimate websites. Threat intelligence platforms identify emerging abuse before it spreads. While these systems rarely make headlines, weaknesses in any of them can create risks for businesses, governments, nonprofits, and everyday Internet users.
Over the past several months, GCA has advanced a number of initiatives focused on strengthening these critical but often invisible layers of the Internet. Much of this work is thanks to generous grants from the Internet Society and Craig Newmark Philanthropies.
Bringing Routing Security into Enterprise Risk Management
Most organizations devote significant resources to cybersecurity, yet many overlook one of the Internet’s most fundamental dependencies: routing security. The Mutually Agreed Norms for Routing Security (MANRS) community brings together more than 1,300 network operators, cloud providers, Internet exchange points (IXPs), and other stakeholders committed to improving global routing security, with GCA serving as the initiative’s secretariat and supporting its operations, growth, and technical infrastructure.
Through a recent MANRS webinar and accompanying research, GCA explored how insecure Internet routing should be viewed as a supply chain risk rather than solely a technical networking issue. Routing incidents can disrupt services, redirect traffic, expose sensitive data, and affect organizations far beyond the network operators directly involved.
The conversation highlighted an important shift in thinking. Just as organizations now assess software suppliers and cloud providers for security risks, they should also understand the routing security practices of the networks that help deliver their services. By making routing security part of broader enterprise risk discussions, businesses can better protect the digital infrastructure they depend on every day.
Rebuilding the MANRS Observatory for the Next Decade
The MANRS Observatory is one of the most important tools available for measuring routing security across the Internet.
Originally launched in 2019, the Observatory helps network operators track routing security performance and monitor compliance with MANRS actions. Following GCA’s assumption of responsibility for MANRS in 2024, our engineering team undertook a complete rebuild of the platform.
While the new Observatory looks familiar on the surface, nearly everything underneath has been redesigned. The rebuilt platform delivers dramatically faster performance, with most API requests completing in under 100 milliseconds before caching. It also expands visibility by making more than six years of historical routing security data available, allowing users to better understand long-term trends and progress.
The new architecture includes a modern API, official software development kits for Go and Python, a first-party command-line interface, and a more resilient data ingestion pipeline that draws from redundant authoritative sources. These improvements make the Observatory easier to integrate into operational workflows while increasing reliability and reducing the impact of upstream outages.
Most importantly, the rebuild establishes a foundation for future capabilities that will help the routing security community better measure, understand, and improve the health of the Internet’s routing infrastructure. You can read more about the new Observatory here: https://manrs.org/2026/06/welcome-to-a-fully-rebuilt-manrs-observatory/
Addressing the Growing Threat of Residential Proxy Abuse
At RIPE 92, GCA examined the rise of residential proxy networks and the challenges they create for defenders.
Residential proxies allow malicious actors to route their activity through legitimate consumer Internet connections, making attacks more difficult to detect and block. These services are increasingly used to support scams and fraud, credential attacks, scraping operations, and other forms of abuse.
Through AIDE’s global network of sensors and threat intelligence capabilities, GCA is helping improve understanding of how these networks operate and how defenders can identify malicious activity that might otherwise blend into normal Internet traffic.
As criminals continue to adopt more sophisticated methods, visibility into emerging abuse techniques becomes increasingly important for protecting organizations and users alike.
Building a Community-Driven Approach to Domain Abuse
One of the Internet’s most persistent challenges is the continued abuse of domain names for phishing, fraud, scams, malware distribution, and other malicious activity.
To address this problem, GCA is convening registries, registrars, security experts, and other stakeholders around the development of a Domain Trust Badge. The effort is designed to create a measurable, community-driven framework that encourages stronger anti-abuse practices across the domain ecosystem. The GCA team is just back from ICANN 86, where we met with many of those stakeholders to further the work and get feedback on its direction.
The Domain Trust approach builds on lessons learned from MANRS, which successfully brought together a global community to improve routing security through shared norms, transparency, and collective action. Rather than relying solely on regulation or enforcement, the Domain Trust Badge seeks to create incentives for organizations to adopt and demonstrate effective anti-abuse practices.
The progress made so far demonstrates that the Internet community is willing to collaborate on practical solutions that improve trust and reduce harm at scale.
The Bigger Picture
These projects focus on different parts of the Internet, but they share a common goal: strengthening the digital foundations that modern society depends on.
Whether improving routing security, increasing visibility into emerging threats, reducing domain abuse, or building better measurement platforms, the work reflects a simple reality: a safer Internet requires investment in the infrastructure that most users never see.
By bringing together technical experts, businesses, policymakers, and civil society organizations, GCA continues to help build a more secure, resilient, and trustworthy Internet for everyone.