The National Security Agency and other intelligence agencies have made progress in tying cyberattacks to China's People's Liberation Army and other specific sources, by combining cyberforensics with intelligence collection efforts, James Lewis, a cybersecurity specialist at the Center for Strategic and International Studies, told The Wall Street Journal.
The U.S. chief of counterintelligence issued a report last month accusing China of being the world's "most active and persistent" perpetrator of economic spying, the newspaper reported Monday.
U.S. officials are working on a strategy to confront Chinese officials more directly about Internet hacking activities originating in their country. They warned China two weeks ago about the diplomatic consequences of economic spying, an unidentified former official familiar with the meeting told the Journal.
Besides the Chinese army, the Journal said U.S. officials have pinpointed a half-dozen non-military groups connected to universities and other organizations they believe have been cyberspying.
"It's actually a small number of groups that do most of the PLA's dirty work," Lewis said. "NSA is pretty confident of their ability to attribute [cyberespionage] to this set of actors."