Mandiant said its findings led it to alter the conclusion of a 2010 report it wrote on Chinese hacking, in which it said it was not possible to determine the extent of government knowledge of such activities.
"The details we have analyzed during hundreds of investigations convince us that the groups conducting these activities are based primarily in China and that the Chinese government is aware of them," the company said in a summary of its latest report.
It said the hacking was traced to the 2nd Bureau of the People's Liberation Army General Staff's 3rd Department, most commonly known as unit 61398, in the Shanghai suburbs.
China's Defense Ministry did not immediately respond to faxed questions about the report, although it has in the past labeled such allegations as groundless and irresponsible, and has demanded that evidence be presented.
News of the report spread Tuesday on the Chinese Internet, with many commentators calling it an excuse for the U.S. to impose greater restrictions to contain China's growing technological prowess.
Graham Cluley, a British cybersecurity expert who was not involved in Mandiant's research, said people in the computer industry believe China's government is behind such attacks but have been unable to confirm the source.
"None of us would be very surprised or be uncomfortable saying we strongly suspect the Chinese authorities are involved in spying this way," said Cluley, a senior technology consultant for security firm Sophos in Britain.
"I think we are seeing a steady escalation" of sophistication in hacking, Cluley said. "This is really the new era of cybercrime. We've moved from kids in their bedroom and financially motivated crime to state-sponsored cybercrime, which is interested in stealing secrets and getting military or commercial advantage."
Associated Press writers Gillian Wong and Joe McDonald contributed to this report.
Copyright 2013 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.