In recent years, distributed denial-of-service (DDoS) attacks have become increasingly prevalent across the internet. These techniques use a barrage of data to overwhelm a site’s servers and render it inaccessible to ordinary users — and now there’s evidence that an unknown entity is preparing to level this kind of assault against key web infrastructure.

Some of the companies that help keep the web up and running have reported an increase in DDoS attempts against their services in recent months, according to a report from Bruce Schneier. The security expert suggests that these attacks could be part of a “probing” process intended to figure out what their targets can and cannot withstand.

The victims have apparently been “forced to demonstrate their defense capabilities for the attacker,” as the unknown originator of these probes has been steadily increasing its level of attack over a period of time. The theory is that the attacks are intended to hone in on the exact point where a service’s defenses fail.

Schneier is unable to refer to specific companies that he’s been in contact with, but he claims that what they’re reporting is consistent with statements made by web infrastructure firm Verisign. Earlier this year, the company published a report asserting that DDoS attacks against its services had become “more frequent, persistent, and complex” in recent months.

The relevance of this to the average web user is that Verisign is the registrar for domains like .com and .net. If the company was to be successfully taken down by a DDoS attack, all websites and email addresses related to those domains could suffer what Schneier describes as a “global blackout.”

Schneier rules out activists, criminals, and researchers as likely culprits, and instead points toward espionage as the root of these probing attacks. Based on the size and scale of the operation, it seems probable that state actors are responsible — although it’s difficult to determine exactly who is pulling the strings. “It feels like a nation’s military cyber command trying to calibrate its weaponry in the case of cyber war,” wrote Schneier.