Instead of exploiting individual computers, the attackers engineered networks of computers by infecting data centers around the world, a move that required great skill, The New York Times reported Wednesday.
"There is no doubt within the U.S. government that Iran is behind these attacks," said James A. Lewis, a security expert at the Center for Strategic and International Studies in Washington and a former official in both the State and Commerce departments.
Since September, intruders have caused major disruptions to the online banking sites of Bank of American, Citigroup, Wells Fargo, U.S. Bancorp, PNC, Capital One, Fifth Third Bank, BB&T and HSBC.
The hackers used distributed denial of service attacks that direct large volumes of traffic to a site until it collapses, thus denying customers access.
"The scale, scope and the effectiveness of these attacks have been unprecedented," said Carl Herberger, vice president of the security firm Radware, which has been investigating the incidents.
A hacker group calling itself Izz ad-Din al-Qassam Cyber Fighters has claimed responsibility in online posts.
U.S. intelligence officials said the group is actually a cover for Iran and the attacks are retaliation for Western economic sanctions.