Jackson and other researchers at SecureWorks haven't seen the usual chatter in known hacker and "hacktivist" forums, been able to locate any botnet command-and-control servers showing evidence of having ordered the DDoS attack, or found any clues that the usual commercial DDoS suspects, who make a living renting out bots for such attacks, were involved.

"Either we had a serious breakdown in our security intelligence on this, or the commercial DDoS guys have researched, and found, different ways to mask their attacks," said Jackson.

However, what data SecureWorks does have points to multiple DDoS attacks launched against the pro-Georgian blogger, Jackson said, backing what Marcus has said.

Even so, Jackson was mystified at the lack of hard information. "We have all kinds of feelers out there to find out if this is a Georgia versus Russia thing," he said. "We have all kinds of triggers that would tell us if that was the case. But so far, there's been nothing."

Last August, Russian hackers mobilized an ad hoc DDoS against numerous state-sponsored sites in Georgia, including its foreign ministry's, defense department's and president's sites. At the time, researchers said that the attacks had left Russian hacker fingerprints.