The internet service company Dyn, which routes and manages internet traffic, said that it had suffered a distributed denial of service (DDoS) attack on its domain name service shortly after 1100 GMT.
Service was initially restored within two hours but close to three hours later the company said it was responding to an attack again.
“Our engineers are continuing to work on mitigating this issue,” the company said on its website close to 1700 GMT.
The cyber attack meant that millions of internet users could not access the websites of major online companies such as Netflix and Reddit as well as the crafts marketplace Etsy and the software developer site Github, according to media reports.
The website Gizmodo said it had received reports of difficulty at sites for media outlets including CNN, The Guardian, Wired, HBO and People as well as the money transfer service PayPal.
Dyn, which is headquartered in New Hampshire, said the attack went after its domain name service, causing interruptions and slowdowns.
Scott Hilton, executive vice president for products at Dyn, said in a statement Friday morning that a “global DDoS attack” had been launched on its Managed DNS infrastructure on the US east coast.
A map published by the website downdetector.com initially showed service interruptions for Level3 Communications, a so-called “backbone” internet service provider, across much of the US east coast and in Texas.
However later Friday the affected areas had spread to parts of the Midwest and California. Similar maps for Netflix and Twitter website specifically showed areas of outage in Europe.
The US Department of Homeland Security told AFP it was monitoring the situation.
“We’re aware and are investigating all potential causes,” said DHS spokeswoman Gillian Christensen.
Amazon Web Services, which hosts some of the most popular sites on the internet, including Netflix and the homestay network Airbnb, said on its website that it had resolved problems by 1310 GMT only to begin addressing similar problems three hours later in a different region.
Domain name servers are a crucial element of internet infrastructure, converting numbered Internet Protocol addresses into the domain names that allow users to connect to internet sites.
Distributed denial of service or DDoS attacks involve flooding websites with traffic, making them difficult to access or taking them offline entirely.
Attackers can use them for a range of purposes, including censorship, protest and extortion.
The loose-knit hacktivist network Anonymous in 2010 targeted the DNS provider EveryDNS among others in 2010 as retribution for denying service to the anti-secrecy organization WikiLeaks.
Though such attacks are not uncommon, Friday’s incident immediately unscored the interconnected vulnerabilities for large portions of the internet, with brand-name companies affected by an attack on a single company.
“The internet continues to rely on protocols and infrastructure designed before cyber security was an issue,” said Ben Johnson, a former engineer at the National Security Agency and founder of the cyber-security company Carbon Black.
He said that growing interconnection of ordinary devices to the internet, the so-called “internet of things,” increased the risks to networks.
“DDoS, especially with the rise of insecure IOT devices, will continue to plague our organizations. Sadly, what we are seeing is only the beginning in terms of large scale botnets and disproportionate damage done. “