US Contractor Ordered to Pay $10M for Selling Hacking Tools
Peter Williams, a former cybersecurity executive at the U.S. defense contractor L3Harris, has been ordered by a judge to pay $10 million in restitution to his previous employer. This order comes on top of a $1.3 million penalty he had already been mandated to pay. Williams was involved in one of the most significant leaks of advanced hacking tools in the U.S. and its allied countries’ history.
Williams, 39, an Australian citizen and former intelligence officer, served as the general manager of Trenchant, a division within L3Harris. Trenchant specializes in developing sophisticated spyware and hacking tools, which are sold to the U.S. government and members of the Five Eyes intelligence alliance — the United States, Australia, Canada, New Zealand, and the United Kingdom.
Last year, Williams was arrested for stealing multiple trade secrets, believed to be cyber exploits and surveillance technologies, from Trenchant. He subsequently sold these stolen tools to Operation Zero, a Russian company known for brokering hacking tools and allegedly working exclusively with the Russian government. Williams pleaded guilty to these charges and was sentenced to more than seven years in prison.
According to reports, Williams profited approximately $1.3 million from selling these trade secrets. The funds were reportedly used to purchase luxury items such as watches, a home near Washington, D.C., and finance family vacations. Trenchant claimed that it suffered losses estimated at up to $35 million due to these thefts.
U.S. prosecutors described Williams’ actions as a betrayal, stating that the stolen tools could have been used to compromise millions of computers and devices globally. Some of these hacking tools were later identified in cyberattacks linked to Russian government operatives in Ukraine and subsequently by Chinese cybercriminal groups, according to cybersecurity research from former L3Harris employees and investigations published by Google.
Williams utilized his full access to Trenchant’s internal network to exfiltrate the sensitive hacking tools. In an attempt to mislead investigators, he also tried to implicate one of his employees in the theft. Legal representatives for Williams did not respond to requests for comment.
This case has highlighted the risks associated with insider threats in cybersecurity firms, especially those working with sensitive government contracts and intelligence alliances. The incident underscores the challenges of safeguarding advanced cyberweaponry from exposure to hostile foreign entities.