Top websites including Twitter, Spotify and Amazon were back to business on Saturday eleven hours after as a US internet provider came under sustained cyber attack causing widespread service interruptions and outages.
The internet service company Dyn, which routes and manages internet traffic, said that it had suffered a distributed denial of service (DDoS) attack on its domain name service shortly after 1100 GMT.
Waves of attacks incapacitated a crucial piece of internet infrastructure, hampering or outright blocking access to popular online venues.
"When I see something like this, I have to think state actor," said Carbon Black national security strategist Eric O'Neill, a former "spy hunter" on the FBI counter-intelligence force.
"This is not some hacker sitting in his basement typing away on a keyboard."
The attack was said to put a troubling new spin on an old hacker attack known as distributed denial-of-service (DDoS), where millions of devices in the fast-growing internet of things took part in the cyber onslaught.
Armies of computers infected with malicious code are typically used in DDoS attacks intended to overwhelm targets with simultaneous online requests.
"We are seeing attacks coming from a number of different locations," Level 3 Communications internet services company chief security officer Dale Drew said in a video posted online.
"We are seeing attacks coming from an internet-of-things botnet that we identified called Mirai also involved in this attack."
- Possible probe -
The onslaught commanded the attention of top US security agencies, including the Department of Homeland Security.
"DHS and the FBI are aware and are investigating all potential causes" of the outages, a spokeswoman said.
The cyber attack meant that millions of internet users could not access the websites of major online companies such as Netflix and Reddit as well as the crafts marketplace Etsy and the software developer site Github, according to media reports.
The website Gizmodo said it had received reports of difficulty at sites for media outlets including CNN, The Guardian, Wired, HBO and People as well as the money transfer service PayPal.
Dyn, which is headquartered in New Hampshire, said the attack went after its domain name service, causing interruptions and slowdowns.
Scott Hilton, executive vice president for products at Dyn, said in a statement Friday morning that a "global DDoS attack" had been launched on its Managed DNS infrastructure on the US east coast.
A map published by the website downdetector.com initially showed service interruptions for Level3 Communications, a so-called "backbone" internet service provider, across much of the US east coast and in Texas.
However later Friday the affected areas had spread to parts of the Midwest and California. Similar maps for Netflix and Twitter website specifically showed areas of outage in Europe.
- Amazon affected -
Amazon Web Services, which hosts some of the most popular sites on the internet, including Netflix and the homestay network Airbnb, said on its website that it had resolved problems by 1310 GMT only to begin addressing similar problems three hours later in a different region.
Domain name servers are a crucial element of internet infrastructure, converting numbered Internet Protocol addresses into the domain names that allow users to connect to internet sites.
Distributed denial of service or DDoS attacks involve flooding websites with traffic, making them difficult to access or taking them offline entirely.
Though such attacks are not uncommon, Friday's incident immediately unscored the interconnected vulnerabilities for large portions of the internet, with brand-name companies affected by an attack on a single company.
"The internet continues to rely on protocols and infrastructure designed before cyber security was an issue," said Ben Johnson, a former engineer at the National Security Agency and founder of the cyber-security company Carbon Black.
He said that growing interconnection of ordinary devices to the internet, the so-called "internet of things," increased the risks to networks.
"DDoS, especially with the rise of insecure IOT devices, will continue to plague our organizations. Sadly, what we are seeing is only the beginning in terms of large scale botnets and disproportionate damage done."
Attackers use DDoS attacks for a range of purposes, including censorship, protest and extortion.
The loose-knit hacktivist network Anonymous in 2010 targeted DNS provider EveryDNS and others as retribution for efforts to block the anti-secrecy organization WikiLeaks.
(Staff with AFP)