That's basically impossible.
"Bot farms" aren't really like server farms or anything like that; they don't really even have a physical location. Anyone adept enough at certain (relatively simple) operations, and with enough time on their hands, can compile a "botnet". What we're observing is a series of DDoS attacks (Distributed Denial of Service), which basically happen by directing a "botnet" to send traffic to a destination.
Basically, everything that is connected to the internet has an address and can send and receive information to and from that address. Botnets are lists of these devices that can be readily weaponized, without the owner of the device even knowing it, to all send packets to a destination website. Because it's a collection of all different devices with their own unique addresses, the host of the website cannot just block specific addresses. That is why it is called "distributed". Many people call this "hacking", but realistically it can be done without breaking into any systems or getting access to any data, which reduces the applicability of that term.
Defenses against DDoS attacks have improved over the years; there are ways of automatically predicting which messages from which addresses are chaff, though the most common way is and probably will remain placing some temporary restrictions on the traffic until it is over (attacks are limited in time roughly proportionately to the size of the botnet used). Many websites and services, including high-profile ones, lack sufficient DDoS protections as well.
Knowing who perpetrated the attack from the attack alone should be next to impossible. It could be anyone with enough patience or some spare change. If my memory serves me right, the going rate was something like a few hundred bucks for a several-thousand-strong botnet, and that's just Joe Blow buying an attack from the black market corners of the internet. Tracing such transactions, I'd imagine, would be the only way of identifying attackers. Nobody that's operating in those spheres on the internet is going to be inept at securing their identity.
In other words, there's almost certainly no way of figuring out who is doing it. It's likely a state-sponsored actor, which means he can't even sue them because they aren't in this country. It will continue as long as his attackers care to make it (and can afford it; given a state actor that means indefinitely practically).
Maybe he figured something out. He'd have to know something that dozens of the most successful tech companies still haven't figured out. That said, I REALLY don't believe what you're describing him saying could ever come to be.
Now, if we're talking about people actively hacking into the website and stealing data or changing code, I could see that being traced. Even then, though, any hacker worth their salt (like state-sponsored ones should be) will be undetected and legally immune.
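The point above about why a site cannot simply block specific addresses, shown as an added example that is not part of the original post: a per-source request limit and an aggregate-rate check run over a constructed request log. All addresses, thresholds and function names are assumptions made for the illustration.

```python
from collections import deque

WINDOW_MS = 10_000  # sliding window length (assumed value)

def constructed_traffic():
    """Constructed sample log of (timestamp_ms, source_address) request events."""
    events = []
    # Ten ordinary clients, one request every 5 seconds for a minute.
    for c in range(1, 11):
        events += [(k * 5000 + c * 100, f"192.0.2.{c}") for k in range(12)]
    # One noisy client: 50 requests in 10 seconds.
    events += [(20_000 + i * 200, "198.51.100.7") for i in range(50)]
    # Distributed burst: 300 sources, only 2 requests each.
    for i in range(300):
        src = f"2001:db8::{i + 1:x}"
        events += [(40_000 + i * 30, src), (45_000 + i * 30, src)]
    return events

def per_source_offenders(events, limit, window=WINDOW_MS):
    """Sources exceeding `limit` requests in any sliding window."""
    recent, offenders = {}, set()
    for ts, src in sorted(events):
        q = recent.setdefault(src, deque())
        q.append(ts)
        while q[0] <= ts - window:
            q.popleft()
        if len(q) > limit:
            offenders.add(src)
    return offenders

def aggregate_peak(events, window=WINDOW_MS):
    """Highest total request count seen in any sliding window, all sources."""
    q, peak = deque(), 0
    for ts, _ in sorted(events):
        q.append(ts)
        while q[0] <= ts - window:
            q.popleft()
        peak = max(peak, len(q))
    return peak

if __name__ == "__main__":
    log = constructed_traffic()
    print("per-source offenders:", per_source_offenders(log, limit=20))
    print("peak requests per window:", aggregate_peak(log))
```

The per-source check flags only the single noisy client, while the 300-source burst stays under every per-address limit and shows up only in the aggregate count, which is why temporary site-wide restrictions are the usual response.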