A confidential section of a Pentagon report says foreign hackers are feared to have accessed more than 20 designs for advanced US weapons systems, according to the Washington Post.
The report, prepared by the Defense Science Board for the Pentagon, does not name China, but the paper cites senior defence officials as saying the breach was part of a larger campaign sourced out of China.
It is not known exactly when the attacks took place or how much information about the weapons systems was taken.
But the confidential portion of the report contains a list of weapons systems that may have been compromised, including US missile defence systems.
The suspected breach has raised concerns that any stolen information could give China a head start in developing similar advanced weapons systems.
The report blames much of the lax security on defence contractors.
Read more on cyber espionage
- IT manufacturers fight cyber espionage risks in the supply chain
- Researchers uncover advanced cyber espionage campaign
- Norway’s Telenor hit by cyber espionage campaign
- Prolific cyber espionage group tied to the Chinese military
- After lull, PLA 'Comment Crew' hasn't changed cyber-espionage tactics
- RSA 2013: China not the only cyber espionage country, says Mandiant
- Dell SecureWorks uncovers cyber espionage targeting energy firms
- Security researchers discover powerful cyber espionage weapon 'Flame'
- NIST revises US federal cyber security standards
"In many cases, they don’t know they’ve been hacked until the FBI comes knocking on their door," one unnamed senior military official told the Washington Post.
The report comes just weeks after the Pentagon’s annual report to Congress accused China for the first time of trying to break into US defence computer networks.
In March, the Obama administration called on China to end its campaign of cyber espionage, warning that the hacking activity could derail efforts to build stronger ties between the countries.
In February, a report by US security firm Mandiant said that a large proportion of cyber attacks on US companies and government agencies and organisations originated from a Chinese military unit in Shanghai.
China has denied any involvement and condemned the report for lack of hard evidence.
Earlier in May, US officials said the Shanghai-based unit of China’s People’s Liberation Army (PLA) had resumed attacks after going quiet just after the release of the Mandiant report.
They said the unit appeared to have resumed its attacks using different techniques. Mandiant also said the attacks had resumed and that the victims included many of those the unit had attacked before.