In some cases, they do care very much. Just not from a legal standpoint.
Many nation states prefer not to be detected when conducting espionage. And if they are detected, they really prefer to not have the attack be attributed to their country. At the very least, they want some plausible deniability; ideally full-on anonymity or framing, if they can.
Sometimes they really don't care if the source of the attack is known. It depends on the political rationale behind it. But when they do care, they're definitely at more of a disadvantage than a hired red team. The red team has no real anxiety over whether they're caught or attributed, and can act more quickly and aggressively.
I think that if a state desires to engage in a cyberattack, there's really no way you can pinpoint it back, because there's no evidence to show why a hacker on a Chinese IP is associated with the Chinese government -- unless you're depending on sloppiness. It could be a private industrially motivated actor, it could be the actions of someone looking to embarrass the Chinese government, or it could be some nationalist.
The US can say "shame on you" because they feel they have enough evidence to support a narrative, and China will say, "How can you engage in such irresponsible rhetoric?" The Chinese government will condemn rogue criminals and perform a cursory investigation and that will be the end of it. And then all countries and all companies in the world continue operating as usual.
No political consequences. All nations understand it.
There are many different kinds of indicators left behind in attacks, even very sophisticated attacks. Way more than just IP addresses. The entire recon, infection, exfiltration, pivoting, and C&C chain can leave hundreds or thousands of host-based, network-based, and identity-based indicators behind.
Of course, those indicators can be intentionally or unintentionally misleading or ambiguous. But by finding a dozen or more consistent IOCs/TTPs without any inconsistent ones, combined with a motive, often you can start making some possible accusations. Those assumptions will often remain unproven, but keep in mind government APT groups are still run by humans, and humans can always be sloppy.
Also, in some cases one state may have so thoroughly compromised another that they could find explicit evidence that an attack was ordered.
Many nation states prefer not to be detected when conducting espionage. And if they are detected, they really prefer to not have the attack be attributed to their country. At the very least, they want some plausible deniability; ideally full-on anonymity or framing, if they can.
Sometimes they really don't care if the source of the attack is known. It depends on the political rationale behind it. But when they do care, they're definitely at more of a disadvantage than a hired red team. The red team has no real anxiety over whether they're caught or attributed, and can act more quickly and aggressively.