Greg Aaron

From ICANNWiki
Jump to: navigation, search
Country: USA
Email: greg [at]
LinkedIn: LinkedInIcon.png   Greg Aaron
ICANNLogo.png Currently a member

Greg Aaron is the President of Illumintel Inc., a consultancy founded in 2011. Illumintel provides analysis, investigations, due diligence, and public policy advising, especially in the areas of cybersecurity and Internet governance. Greg is an internationally recognized authority on the abuse of domain names and Internet crime, and is an expert on registry operations and domain name intellectual property issues. Greg is also a licensed private investigator.

Greg has been a member of ICANN's Security and Stability Advisory Committee (SSAC) since October 2011. Greg also serves as Senior Research Fellow at the Anti-Phishing Working Group (APWG), and is co-chair of the APWG's Internet Policy Committee (IPC). He is the co-author of the ongoing Global Phishing Survey series, which is the major source of phishing metrics and analysis.[1] He participates in the Messaging Anti-Abuse Working Group (MAAWG), and regularly makes presentations at security conferences around the world. He is a member of ICANN's Registry Services Evaluation Panel.[2]

Greg is a member of the GNSO's ePDP Working Group on Next-Generation gTLD Registration Directory Service (RDS)[3], and served on its predecessor RDS PDP. Greg is co-chair of SSAC's Organizational Review[4] Working Party, and has served on SSAC's Membership Committee twice. He is a member of the GNSO's PDP Working Group on Next-Generation gTLD Registration Directory Service (RDS).[5] He was the Chair of the GNSO's Registration Abuse Policy Working Group.[6] He was a member of ICANN's Joint DNS Security and Stability Analysis Working Group (DSSA), and ICANN's Fast-Flux Working Group.[7]


Greg was previously Vice-President of Product Management and Analytics at iThreat Cyber Group[8], a cybersecurity firm that provides risk data and analysis to companies in a wide variety of industries, including consumer products, entertainment, and pharmaceuticals.

Greg was previously Director of Key Account Management and Domain Security at Afilias.[9] He was part of the Afilias team that launched .info in 2001; he managed .info between 2001 to 2005 and 2008 to 2011, handling Sunrises, creating product business requirements, and running business operations. In 2003, Greg led the development of a new registry platform for Afilias and migrated a number of ccTLDs onto it, including .ag, .gi, .hn, .la, .sc, and .vc.[10] Greg advised the Government of India and registry operator NIXI regarding domain and related Internet policies from 2004 to 2008, and in 2004 led the re-launch of India's ccTLD, .in, on new systems with a set of liberalized policies. The .in domain grew from 6,500 domains to more than 450,000 in short order, and Greg also led the creation of a test-bed for deploying IDNs in Indic languages. In 2006, Greg directed the service rollout for the .mobi TLD on behalf of Afilias' customer mTLD Top Level Domain Ltd., and managed .mobi services into 2008. After a smooth rollout, .mobi became the largest and most prominent domain from the last round of new TLDs. In 2008, Greg directed the highly successful introduction of .me, the ccTLD for Montenegro, in a partership between Afilias, GoDaddy, and doMEn. In 2011, Greg helped ICM Registry create the business requirements and operational launch plan for the .xxx registry.

Previously, he worked at Internet companies such as Travelocity and CitySearch, and in

New TLD Program

Greg was the senior industry expert on the Ernst & Young (EY) team that evaluated new gTLD applications in 2012-2013, reviewing the applicant responses regarding registry services, rights protection mechanisms, security, and registry operations. He contributed input and revisions to the various versions of the Applicant Guidebook in 2009 to 2011.

Security and Anti-abuse

Greg wrote the first major gTLD anti-abuse policy, which has been adapted in other TLDs, including .org and by many of the new gTLD registries launching in 2013 and beyond. In 2010, Greg accepted an OTA Excellence in Online Trust Award. He regularly interacts with law enforcement personnel regarding e-crime issues, and has investigated phishing, malware, spamming gangs, the distribution of child sexual abuse images, and botnets.


In 1997 Greg became one of the first bloggers to cover Silicon Valley.

He lives in Philadelphia, and is a graduate of the University of Pennsylvania,[11] where he was a Benjamin Franklin Scholar.[12]


Greg Aaron being interviewed by Jeremy Hitchcock at ICANN 35 about the Registration Abuse Working Group.