This allows for more dynamic attacks, but also leaves the attackers open to being identified a lot easier, Hammack said. The U.S. government is monitoring some of the compromised servers used in the attacks and can see exactly where those instructions are coming from, he said.
Herberger described the DDoS attacks as well-organized and innovative in the sense that they use newly uncovered vulnerabilities and attack origins. One example is that they leverage the infrastructure of cloud providers instead of the resources of consumer-oriented computers.
The attacks are definitely very sophisticated, Hammack said. The attackers know exactly what weak spots to hit and target them in rotation. They've obviously done a lot of research into the infrastructure of the banks and how it's configured, he said.
"These attacks have, almost simultaneously, been launched on nearly every major commercial bank in the U.S.," Herberger said. However, not all of the targeted banks have suffered outages, which suggests that some effective defenses do exist, he said.