IE 11 is not supported. For an optimal experience visit our site on another browser.

Anti-spam group at epicenter of one of worst cyberassaults in history

Some Internet users are finding themselves collateral damage in a war between one of the world's leading anti-spam groups and a Dutch Web hosting company in what is being called one of the Internet's biggest attacks.

The distributed denial-of-service assault, which started March 15, is resulting in slower Internet speeds and difficulty in accessing websites for some in Europe, and to a lesser degree, the U.S., although most users are not affected. Access to Facebook, Twitter and other social networks in the U.S. appears to be normal despite the ongoing turmoil.

"This the largest DDoS attack we've seen," Matthew Prince, CEO and founder of CloudFlare told NBC News Wednesday. CloudFlare is a website performance company that is working with the victimized anti-spam organization, Spamhaus. The attack, he said, "is significantly larger in volume than large attacks we've seen against U.S. financial institutions or organizations like WikiLeaks."

Steve Linford of Spamhaus told the BBC that the scale of the attack is "unprecedented," peaking at 300 gigabits per second. Normally, he said, "when there are attacks against major banks, we're talking about 50 gigabits per second."

Johannes Ulrich of the SANS Institute's Internet Storm Center, a U.S. security research organization, told NBC News the attack is indeed "one of the larger DDoS attacks the Internet has seen so far."

However, he said, "I don't think the impact is being felt by average Internet users, unless (they're) in specific locations that are more impacted by the attack."

The New York Times said that "millions of ordinary Internet users have experienced delays in services like Netflix or could not reach a particular website for a short time." (NBC News has contacted Netflix for comment and will update this story when we hear back.)

Distributed denial-of-service attacks happen when a website is inundated with traffic meant to delay or disrupt its performance, and are a common tool of hackers.

But in this case, Spamhaus is accusing a company, Dutch-based Web host Cyberbunker, of being behind the attacks, along with "criminal gangs" from Eastern Europe and Russia, according to a Spamhaus statement made to the BBC. (NBC News has contacted both Spamhaus and Cyberbunker, and will update this story if we hear back.)

Spamhaus, a nonprofit volunteer organization with offices in London and Geneva, hunts for spammers on the Internet and publishes a list of servers that spammers use, so that email system administrators can filter out that spam.

The group is "directly or indirectly responsible for filtering as much as 80 percent of daily spam messages," Prince of CloudFlare wrote in a recent blog post. And, in a post Wednesday, he said that the "challenge with attacks at this scale is they risk overwhelming the systems that link together the Internet itself."

Cyberbunker, which uses a former NATO bunker as its base of operations, says on its site that it has more than 100,000 dedicated servers, and is proud of "hosting services to controversial clients who are harassed by governments and other organizations." (Cyberbunker says on its site it does not host any content or services related to terrorism or child pornography, however.)

"We value freedom of speech, and have always stood for privacy and the protection of our clients," the company says on its site, which also features a photo of controversial WikiLeaks founder Julian Assange in its home page slideshow.

At the time of publication, the Spamhaus website was up and running, while Cyberbunker's was down, or at least very slow to load.

"Attacks of this type are growing in terms of quantity as well as scale," security firm Kaspersky Lab noted in The Telegraph. "Among the reasons for this growth is the development of the Internet itself (network capacity and computing power) and past failures in investigating and prosecuting individuals behind past attacks."

Whether the current attack will continue or worse remains to be seen. Ullrich, of the Internet Storm Center, said "there is not really much the average Internet user can do, other than making sure their own PC is not infected by malware and used to participate in the attack."

Update: 3:15 p.m. ET Thursday: Jordan Robson, Cyberbunker's general manager, told NBC News via email that neither Cyberbunker nor its clients have spammed Spamhaus.

Check out Technology, GadgetBox, TODAY Tech and In-Game on Facebook, and on Twitter, follow Suzanne Choney.