The Invisible War: Why Securing the Internet Is Everyone’s Responsibility

By Leslie Daigle – Chief Technical Officer, Global Cyber Alliance

At the ARIN 55 Public Policy and Members Meeting in April 2025, Leslie Daigle presented the keynote address, “Strengthening Internet Integrity: Collaborative Solutions for Cybersecurity Challenges.” In the post below, originally published on the Global Cyber Alliance blog, she provides an overview of the presentation’s content.

When you think of cybersecurity, you might picture firewalls, phishing emails, or the occasional data breach. But step back for a moment. Imagine the Internet itself — not just your Wi-Fi router or favorite social media platform, but the actual global network of networks. Securing that beast? Now that’s a whole different kind of challenge.

At the Global Cyber Alliance(GCA), where I serve as Chief Technology Officer, we’ve spent the last decade working — quietly but persistently — to make the Internet a safer place. You might not have heard of us, and that’s okay. Our mission isn’t about visibility — it’s about impact.

A Simpler Time, A Harder Problem

Let’s rewind a bit. There was a time when banking meant physically visiting a branch, and a computer was something beige sitting on your desk. It was a simpler digital era, but one that’s long gone.

Today, nearly everything we do — banking, healthcare, business, communication — relies on the Internet. It’s everywhere, and so are the threats. The complexity of our modern digital life has exponentially increased the “attack surface.” That means more opportunities for bad actors to find a way in.

So what makes securing the Internet so hard? For starters, the Internet doesn’t recognize borders. You might register a domain in Europe, host it in Asia, and serve users in the Americas — seamlessly. The infrastructure is global, but the laws and protections are local. That disconnect creates a perfect storm for cybercriminals.

Integrity Matters

We often talk about cybersecurity in terms of stopping bad actors. But there’s a deeper issue at play — Internet integrity. That means having an Internet that works smoothly, consistently, and securely across borders and networks.

Unfortunately, well-meaning security measures can sometimes hurt that integrity. I encountered this personally while traveling to Thailand and trying to access my pay stub. The site simply blocked access from Thai IP addresses. Was it a security measure? A regulatory choice? Poor design? Doesn’t matter. The result was a fragmented Internet — a problem that affects businesses and users alike.

Why This Isn’t Just a Tech Problem

Let’s talk business. In 2024, a cyberattack on UnitedHealth’s Change Healthcare division led to a $0.92 drop in share price. That might not sound dramatic unless you’re a shareholder — but consider how many businesses rely on healthcare services. Disruptions ripple far and wide.

And it’s not just attacks. Think back to the CrowdStrike outage in July 2024. It wasn’t a cyberattack — it was a software issue — but the fallout grounded flights and stalled businesses around the world. It was a visceral reminder of how tightly wound our systems are.

The message is clear: Cybersecurity is no longer an IT department issue. It’s a boardroom issue. It’s a risk management issue. It’s a societal issue.

What the Data Tells Us

Through its AIDE project, GCA runs a “honey farm” — a global network of decoy systems designed to attract and log cyberattacks. With more than 200 sensors listening 24/7, we track who’s knocking on the Internet’s doors, what passwords they try, what commands they run.

The results? Sobering.

We see constant probing of every open IPv4 port. Every. Single. One. And not just from one region — these attacks originate from all over the world. They aren’t script kiddies having fun. They’re coordinated campaigns. Real adversaries. Real threats.

Some recent examples include:

• Volt Typhoon, a China-linked campaign targeting U.S. critical infrastructure through routers and cameras.
• Flax Typhoon, focused on Taiwan, using stealthy malware to hijack legitimate software.
• CAPSAICIN, which targets old D-Link router vulnerabilities — suggesting there are still thousands of outdated, vulnerable devices in the wild.

And it’s not just about being a target. Some networks are unknowingly sources of this malicious traffic. We recently analyzed attack data from four anonymized networks. One of them was a cloud provider. Guess what? Their infrastructure was being used to launch attacks — against us and others.

That traffic doesn’t just hurt reputations. It can reduce the value of your IP space and get your infrastructure blocked. It’s a problem whether you notice it or not.

A Path Forward

Okay, so it’s hard. It’s messy. It’s global. Why even try?

Because the Internet still works — and works well — because of collaboration. Competitors have come together in the past to make things better. One example? World IPv6 Day and World IPv6 Launch and their impact on global IPv6 adoption. Another is Mutually Agreed Norms for Routing Security (MANRS) — a community-led effort to make the global routing system more secure.

At GCA, we’re building on that spirit. Our Internet Integrity Program focuses on the fundamental building blocks of the Internet: names, numbers, and routes. Through data collection, partnership with infrastructure operators, and targeted recommendations, we’re trying to create a blueprint for measurable, collaborative action.

We believe that networks need to do more than protect themselves. They must take proactive steps to prevent malicious traffic from leaving their networks. That might mean identifying compromised machines, hardening infrastructure, or supporting security norms like MANRS.

No Silver Bullets, But Real Progress

Here’s the hard truth: There is no silver bullet. No single company, country, or agency can fix the Internet.

But together, through shared responsibility and collaborative norms, we can reduce the attack surface. We can raise the bar for what’s acceptable. We can preserve Internet integrity.

So, the next time someone says, “That’s not my problem,” remember: If your network is part of the Internet, it is your problem. And it’s also your opportunity.

Because the Internet isn’t just a tool. It’s our shared space — our global commons. And we all have a role in protecting it.

For the full content of Leslie’s presentation at ARIN 55 in April 2025, including the Q&A portion of the session, read the transcript or watch the video recording of the keynote address.

Post written by:

Leslie Daigle
Chief Technical Officer, Global Cyber Alliance

As Chief Technical Officer of the Global Cyber Alliance (GCA), Leslie is responsible for the technology strategy that advances GCA’s development and deployment of global solutions. She also leads the Internet Integrity Program, which is focused on working with Internet infrastructure operators to improve the security of the Internet as a whole.

Leslie was previously the first Chief Internet Technology Officer for the Internet Society, where she helped to (re)create the global dialog on important technical issues, calling stakeholders to action by providing achievable targets and facilitating their own collaboration across (corporate) organizational boundaries.

Leslie is co-founder and co-host of the TechSequences podcast, which explores the many facets of Internet technology, along with its intended (and sometimes unintended) consequences.

Any views, positions, statements, or opinions of a guest blog post are those of the author alone and do not represent those of ARIN. ARIN does not guarantee the accuracy, completeness, or validity of any claims or statements, nor shall ARIN be liable for any representations, omissions, or errors contained in a guest blog post.

Recent blogs categorized under: Security

• Enhancing ARIN’s Org Create Vetting Process
• ARIN Achieves Compliance with SOC 2 Type 2 and PCI DSS Security Standards
• 3 Strategies for Ensuring the Security of Your Digital Infrastructure
• ARIN Meets ‘SOC 2’ Industry Standard for Security Compliance