A new generation of DDoS attacks does not use bot-infected PCs, but instead capitalises on the greater power of web servers, said researchers.
They estimate that hundreds of web servers have been infected and are being used to carry out DDoS attacks.
The source of the attacks is also more difficult to detect, with trace-backs typically leading to a lone server at a random hosting company, the researchers said.
These web server-based DDoS attacks are likely to be ongoing, said Amichai Shulman, chief technology officer at Imperva.
"Now that a network of server bots has been created, it will be quite easy for them to 'rent' them out or increase their activity," he said.
Companies should regularly monitor their Google presence to look for evidence of being compromised, Shulman said.