"The number of source IPs observed in the WikiLeaks retaliation attacks fell into the mid or higher end of the 5,000 validated DDoS attacks last year," he said on the blog post.
To Labovitz, that suggested that while hacktivists tried to recruit large botnets, those collections of compromised computers were not actually used.
But while the WikiLeaks attacks were easily blocked by most targets, that doesn't mean DDoS attacks aren't a serious threat to the Internet.
"The majority of attacks we see can be dealt with," Labovitz said, "but there are professionals with financial motives who are putting a lot of time and money into very sophisticated DDoS attacks." He hesitated to assign specific motives for such high-end attacks, although some, he said, were clearly extortion attempts against ISPs and companies.
"While the WikiLeaks and retaliatory attacks may not represent the start of 'cyberwar' ... the trend towards militarization of the Internet and DDoS used as means of protest, censorship, and political attack is cause for concern," he wrote on Arbor's blog. "DDoS fueled by the growth of professional adversaries, massive botnets and increasingly sophisticated attack tools poses a real danger to the network and our increasing dependence on the Internet."
Sign up for Computerworld eNewsletters.