Verisign was now "leaning" on upstream services to deal with the server vulnerabilities that have helped these attacks get off the ground but he remains pessimistic about the success of that strategy while the economic incentive remains low, he said.
"At some point you have to draw a line and go after the guys who launched the attack. We think it is important that people are accountable for their actions."
McPherson is unable to discuss whether the CDN attack will become one of those actions but the fact that the client even agreed to be referenced at all by Verisign is a sign that something could be in the air. If so, little will be disclosed until a legal or police case has been launched.
Public police actions against DDoS attackers are extremely rare with perhaps the only known example at this end of the DDoS scale being the effort made to track down the group that hit Spamhaus with an equally large DDoS attack in 2013. Launched by the anti-spam organisation itself, that remains the case study for action.
Thus far, the public face of DDoS has been a depressing roll call of statistics that read like an indecipherable code to all but the few familiar with routing protocols and Internet infrastructure. In the very near future, that could change to be more like malware, data breaches and web attacks. DDoS could become another story of true crime.
McPherson's message is simple: "you have to go after the guys behind the keyboards."
Sign up for MIS Asia eNewsletters.