The distributed denial-of-service attacks hitting financial institutions continue to worry many security experts, but looking for evidence of the attacks offers a meager helping of data points that belies the seriousness of the problem, say infrastructure and security experts.

Website monitoring firm Netcraft, for example, has documented multi-hour downtime at major banks over the past few weeks, but no crippling outages. Internet monitoring provider Renesys has also seen few signs of the attacks. Perhaps the most convincing data comes from Web-outage complaint portal Sitedown.co, which has collected hundreds of bank-outage reports in the past month. Yet there is no way to confirm the reports are true.

While the lack of external evidence has led some commentators to downplay the attacks, the problem is that the organizations that have the most data are not talking about the issues publicly, said Earl Zmijewski, VP and general manager at Renesys.