"There are very few companies that can afford to buy that kind of bandwidth," Scholly said.

Within a few minutes of the start of an attack, DNS (Domain Name System) or BGP (Border Gateway Protocol) routing changes are used to direct malicious traffic through Prolexic's data centers in London; Hong Kong; San Jose, California; and Ashburn, Virginia. The bad traffic is scrubbed, while non-attack traffic is passed along to customers.

As exhibited by last week's problems, it doesn't mean in every case that a site's hiccups are immediately cured. The hackers are using between six and eight different types of attacks originating from small armies of compromised computers. Those botnets are often in the U.S. and China, which are countries with large numbers of computers without up-to-date patches, making those machines vulnerable to hackers to install DDOS toolkits.

Prolexic called out one of those toolkits, called "itsoknoproblembro," in a recent statement, but declined to say if that toolkit was used in last week's attacks.

The hackers are taking steps to make each attacking computer within those botnets look different. Prolexic tries to identify an attacking computer by its "signature," or a set of characteristics that make it look unique. But if those parameters vary over time, it's more difficult to block an attack.