> Best indication of a government agency a 24 hour attack rather than a cycling attack.
FTFA: "However, for the last 24 hours the site has been largely inaccessible world wide"
The attack does not appear to have been sustained in a constant way.
> Individual users will still want to use the computers and bandwidth for other things.
*Distributed* denial of service attack. If the attack is successful, each individual user does not need to devote more than a small fraction of whatever broadband access they have, since their victims would not successfully communicate back.
> Even botnet controllers will want to get back to money making spam.
They could also make money by renting out their botnets...
> The only people who can keep it up solid had computers and bandwidth to waste
Or non-government entities such as botnet operators, as you mention, telecommunications companies, multi-national organizations...
> and obviously will want to work the divide and conquer angle.
Successfully taking out one site (even a highly connected one) wouldn't be dividing anything except that site from all the strongly connected others. This attack created no salients against which to deploy any kind of conquering tactic, and this kind of attack cannot possibly do so against such a highly redundant network.