Cyber-attacks on the biggest U.S. banks, including JPMorgan Chase & Co. and Wells Fargo & Co., have breached some of the nation’s most advanced computer defenses and exposed the vulnerability of its infrastructure, according to cybersecurity specialists tracking the assaults.

The attacks, which a U.S. official yesterday said were waged by a still-unidentified group outside the country, flooded bank websites with traffic, rendering them unavailable to consumers and disrupting transactions for hours at a time, Bloomberg reported.

Such a sustained network attack ranks among the worst-case scenarios envisioned by the National Security Agency, according to the U.S. official, who asked not to be identified because he isn’t authorized to speak publicly. The extent of the damage may not be known for weeks or months, said the official, who has access to classified information.

“The nature of this attack is sophisticated enough or large enough that even the largest of the financial institutions would find it difficult to defend against,” Rodney Joffe, senior vice president at Sterling, Va.-based security firm Neustar Inc., said in a phone interview.

Though the group is using a method known as distributed denial-of-service, or DDoS, to overwhelm financial-industry websites with traffic from hijacked computers, the attacks have taken control of commercial servers that have much more power, according to the specialists.

Officials say there’s no sign the attacks are going to stop, and that a broader or more sustained denial of service attack could shake consumer confidence in the banking industry. The White House is circulating a draft executive order to create a program that would shield vital networks from these attacks.