WASHINGTON—The Navy and its industry partners are “under cyber siege” by Chinese hackers and others who have stolen national security secrets in recent years, exploiting critical weaknesses that threaten the U.S.’s standing as the world’s top military power, an internal Navy review concluded.

The assessment, delivered to Navy Secretary Richard Spencer last week and reviewed by The Wall Street Journal, depicts a branch of the armed forces under relentless cyberattack by foreign adversaries and struggling in its response to the scale and sophistication of the problem.

Drawing from extensive research and interviews with senior officials across the Trump administration, the tone of the review is urgent and at times dire, offering a rare, unfiltered look at the military’s cybersecurity liabilities.

The 57-page document is especially scathing in its assessment of how the Navy has addressed cybersecurity challenges facing its contractors and subcontractors, faulting naval officials for failing to anticipate that adversaries would attack the defense industrial base and not adequately informing those partners of the cyber threat. It also acknowledges a lack of full understanding about the extent of the damage.

“For years, global competitors, and adversaries, have targeted and breached these critical contractor systems with impunity,” the audit says. “These enterprises, regardless of their relationship with the department, are under cyber siege.”