The indictment did not call any company, but authorities said the investigation was triggered when the hackers stormed the Hanford site, a dismantled nuclear production complex in eastern Washington.
China rejected the allegations on Wednesday, accusing the US of “slander”.
“The Chinese government is a strong advocate for cybersecurity and has opposed and suppressed cyberattacks and cybercrime in all its forms,” foreign Ministry spokesman Wang Wenbin said at a regular press conference in the capital, Beijing.
The indictment says Li and Dong stole terabytes of data from computers around the world, including in the US, Britain, Germany, Australia and Belgium.
US Attorney William Hyslop said “there are hundreds and hundreds of victims in the United States and worldwide”.
Li and Dong were “one of the most prolific group of hackers we’ve investigated,” said FBI Special Agent Raymond Duda, who heads the agency’s Seattle field office.
He said the couple were concerned about stealing loads of millions of dollars in high-value properties.
The document alleges that Li and Dong acted as contractors for the Chinese State Ministry of Security, or MSS, a U.S. Central Intelligence Agency company.
The MSS, prosecutors said, supplied the hackers with information into critical software vulnerabilities to penetrate targets and collect intelligence. Among those targeted were Hong Kong protesters, the office of the Dalai Lama and a Chinese Christian non-profit.
Assistant Attorney General for National Security John Demers said in a virtual news conference that the hackers occasionally worked for themselves, including a case in which Li allegedly tried to extort $15,000 in cryptocurrency from a victim.
Demers said China had joined the “shameful club of nations that would offer refuge to cybercriminals” in exchange for its high-value asset theft services.
One expert said the indictment showed the “extremely high value” that governments like China were giving to the COVID-related investigation.
“It is a fundamental threat to all governments around the world and we expect information relating to treatments and vaccines to be targeted by multiple cyber-espionage sponsors,” said Ben Read, a senior analyst at cybersecurity company FireEye.
He noted that the Chinese government had long relied on contractors for its cyber-spying operations.
“Using these freelancers allows the government to access a wider array of talent, while also providing some deniability in conducting these operations,” Read said.
The indictment alleged that the hackers operated from 2014 to 2020 and recently attempted to borrow the cancer investigation.