In the dark world of cyber-espionage, the finger of blame has often been pointed at China.

China has all along denied the allegations of state-sponsored hacking. But analysts say China's cyber operations are an active threat.

"Military intelligence has rapidly moved from cloak-and-dagger to bits-and-bytes over the last fifteen years... and China's no exception to that," says Bryce Boland, Asia-Pacific CTO of FireEye, a cybersecurity firm.

"China has been developing its capabilities within the PLA for a number of years, going back at least a decade. And their capabilities have now also been brought together into a single, strategic organization that is essentially a new branch of the military."

Shift in behavior

China is of course not the only actor in this era of cyber warfare.

But it has taken a significant step forward with the United States to establish some ground rules in a new domain of conflict with no widely-held norms.

"I think China, after that, has tried to comply with that agreement," says Tong Zhao of the Beijing-based Carnegie-Tsinghua Center for Global Policy.

"China increasingly realizes it is in China's interests to promote a rule-based system."

And since the agreement, FireEye has observed a significant change in Chinese cyber activity.

"We've seen a shift in behavior since the Obama-Xi agreement. And that shift in behavior has resulted in a decrease in attacks against US and Western organizations for the purposes of stealing their intellectual property," says Boland.

"We've almost seen a pivot towards Asia. We've seen more targeted attacks now focused on information gathering and intelligence collection from countries on the periphery of China -- anyone with a land boundary or involved in a maritime dispute. And that kind of activity is much more focused on intelligence."

China's cyber-spies target Asia

China's cyber-spies are pivoting away from stealing US trade secrets as they move towards gathering intelligence in a region fraught with geopolitical tension.

Take Taiwan, for instance.

Relations with Taipei and Beijing have been tense since the landslide election of Tsai Ing-Wen, Taiwan's first female president. Her Democratic Progressive Party (DPP) has traditionally leaned in favor of formal independence from China.

And then, there's Hong Kong.

Two years after Hong Kong's pro-democracy "Umbrella Movement," the city's first legislative elections since the mass demonstrations provided a platform for a small but vocal independence movement -- much to the chagrin of Beijing.

Before the election, two Hong Kong government agencies were targeted by cyber-attackers using new malware tools.

According to FireEye, both incidents were the work of Chinese state-sponsored hackers.

"We know those that those attacks were originated from China... they were clearly politically motivated attacks," says Boland.

"The only logical consequence is that they are operated by a group of people who had a political activity to conduct, so we believe they were state-sponsored."

Not all attacks officially sanctioned

But not all hack attacks originating from China have the official red seal of approval.

Analyst Tong Zhao is convinced that the Vietnam airport hack was not the work of Chinese state agents.

"We used to assume that China is a country having a very centralized political system -- the central government must be in control of everything. I think that assumption is inaccurate," Zhao says.

And he's right. As powerful as it may be, China is not a single monolith. It's a vast system of many different actors -- military or civilian, state-backed or for-hire.

But China's many cyber actors can come together for a common goal -- to advance China's security interests and its standing in the information age.