The USA needs to beef up its cyber-security to raise the costs for Chinese hackers launching attacks, America's top intelligence official says.
Director of National Intelligence James Clapper said China and Russia posed the most advanced cyber-threats, though Iran and North Korea could also cause serious disruptions despite having less sophisticated technology.
But he said that improved US cyber-security would make conducting cyber espionage more complicated for China "by addressing the less sophisticated threats and raising the cost and risk if China persists".
Giving testimony before the House of Representatives intelligence committee, Clapper said the risk of a "catastrophic attack" was remote now but the ongoing attrition of cyber-attacks will be costly for the US.
"Chinese cyber espionage continues to target a broad spectrum of U.S. interests, ranging from national security information to sensitive economic data and U.S. intellectual property," he said.
"We foresee an ongoing series of low-to-moderate-level cyber-attacks from a variety of sources over time, which will impose cumulative costs on US economic competitiveness and national security."
The comments come just weeks before Chinese President Xi Jinping makes a state visit to Washington and amid reports that President Barack Obama is considering targeted sanctions against Chinese individuals and companies for cyber-attacks against US commercial targets.
Chinese hackers were also implicated in two attacks on the systems of the Office of Personnel Management that exposed the personal data of more than 20 million federal employees, and though Clapper did not explicitly blame China he said the breach could compromise the cover of US spies abroad.
While there have not yet been any signs of "nefarious" use of the data, FBI director James Comey, testifying at the same hearing, described the incident as "a significant counter-intelligence threat".
China has denied any involvement in hacking US government and corporate databases and insists that it too has been a victim of cyber-attacks.