I agree that pretty much anyone who gave a cursory inspection would come to the conclusion that the attacks were from Chinese intelligence. There were still lots of defences of China claiming it could be patriotic hackers, or that the evidence was circumstantial. I think some of this was that if US officials make it clear that they know the attacks are from China it puts them under pressure to act (potentially in a way that would anger China). Diplomatically it's more convenient to pretend not to be sure.
There's also the matter of "is this worth starting a war over?"
One thing about this is that Chinese military is not the same thing as Chinese intelligence. The main Chinese intelligence agency is the Ministry of State Security. Mixing up the PLA with the MSS is like mixing up the DOD with the CIA.
I doubt that the United States government will do anything more than "raise the issue." The trouble is that if the US does something like file a formal diplomatic protest, it will be a promise by the United States not to try to do anything similar, and I don't see how the US would consider that to be in its national interest.
One other interesting thing is that the Chinese hacker community is very different from the US hacker community, in that US hackers tend to hate the military and authoritarian systems whereas the Chinese hacker community sees themselves as patriotic defenders of the motherland. A lot of this has to do with differences in history (i.e. the US involvement with Vietnam). Something that gives you an idea of the difference is that if you go to any newsstand, you'll see a lot of military magazines, and so hackers in China are "solider wannabees" in ways that hackers in the US aren't.
APT is just an externality for US biz right now. The fact that the Chinese were able to steal the plans to the JSF doesn't really hurt Lockheed-Martin's ability to sell the plane to the US or allies. Of course it hurts the ability of the buyers to effectively deploy the JSF against anyone able to buy JSF data from the Chinese; but LockMart really doesn't care too much about that.
“Either they are coming from inside Unit 61398, or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.”
— Kevin Mandia
USCYBERCOM is still trying to get its shit together, so to speak. Flamer is a great example of this. We took a bunch of toys that the NSA had laying around (MD5 collision research, a few 0days purchased from defense contractors, etc) and went over to Israel's house to have them show us how to put them into play.
