Writing in his bog, security expert Bruce Schneier said “precisely calibrated” attacks on key net firms had been seen for over a year and are probing weaknesses in the defences of organisations that oversaw critical parts of the net.
It is possible that the attackers are Chinese or Russian and the range of attacks he described was “the new normal” for many of the organisations.
The attacks are not clever they use DDoS attacks to probe defences, to knock it out by overwhelming it with data. But in this case they were “significantly larger” and lasted longer than most such attacks.
There was also a science involved with the amount of data being directed at victims was slowly turned up. Often, he said, the peak data rate of one series of attacks would be the starting point for the next wave.
The attackers were trying several different types of DDoS attack to see how the companies would respond.
Verisign has backed Schneier’s conclusions. In the latest edition of a regularly issued report, it said it had seen DDoS attacks become “more frequent, persistent and complex”.
Arbor Networks, which helps defend firms against DDoS attacks, said they had been growing in “frequency, volume, and sophistication” for many years.
However Roland Dobbins, principal engineer at Arbor, told the BBC it was “manifestly untrue” that only state-sponsored hackers could mount the most sophisticated and sizeable attacks as the attacks could be done by anyone.
“Some are nation-state actors, some are affiliated with nation-states at arm’s length, many are non-state ideological actors, and many are commercially driven criminal actors,” Dobbins said.