NYT would of course never back erroneous allegations by US officials on geopolitical matters like these.

What satisfiable criteria would you like in a source?

Read the sources carefully. It all boils down to "US officials says so". It's different from the Podesta hack as forensic evidence were published linking Russian hackers to the attack.

The Podesta "hack" was a spear phishing link, no? With the emails then published by Wikileaks?

What forensic evidence was published?

Afaicr, it was attributed on the basis of methods. Gmail didn't publicly disclose any internal logging.

And the email chain of custody is unreliable, so post-leak analysis has the can't-spot-a-perfect-forgery problem.

Fancy Bear and their software was analyzed by FireEye and Secureworks. You can judge for yourself whether you find the evidence persuasive:

https://cloud.google.com/blog/topics/threat-intelligence/apt... https://www.secureworks.com/research/threat-group-4127-targe...

No such evidence has been published implicating the Chinese government.