A former senior executive at US defence contractor L3Harris has been sentenced to over seven years in prison for stealing and selling highly sensitive hacking tools to a Russian cyber arms broker. Peter Williams, 39, pleaded guilty to leaking trade secrets from his former employer's elite Trenchant division in exchange for $1.3 million (£1.04 million) in cryptocurrency between 2022 and 2025.

The Australian citizen, who resided in Washington, D.C., was the general manager of Trenchant, a unit that develops surveillance and intrusion software for the US government and allied intelligence agencies. Prosecutors stated Williams exploited his "full access" to secure company networks to download the tools, which the US Department of Justice warned could have allowed unauthorised access to "millions of computers and devices around the world."

A Fall from Grace for a Top Hacker

Williams's conviction marks a significant fall for a figure once regarded as an accomplished hacker, with a background that included work for Australia's top foreign intelligence agency and military service. The court heard he used the illicit funds to purchase a house, jewellery, and luxury watches. L3Harris estimated the financial loss from the theft at $35 million, though the company stated the stolen tools were not classified as government secrets.

The buyer was identified as Operation Zero, a firm the US Treasury Department subsequently sanctioned as a national security threat. In a statement coinciding with the sentencing, the Treasury said the broker "sold those stolen tools to at least one unauthorised user," which could be a foreign intelligence service or a criminal group like the Trickbot ransomware gang.

Unanswered Questions and a Scapegoat

Critical details remain undisclosed, including the specific software vulnerabilities—likely "zero-day" exploits—that Williams sold. Evidence suggests they targeted popular consumer platforms; during proceedings, prosecutors referenced an Operation Zero social media post seeking "top-tier mobile exploits" for Android and iOS, noting the "end user is a non-NATO country."

The case also involves a mysterious subordinate. Prosecutors confirmed Williams "stood idly by while another employee of the company was essentially blamed for [his] own conduct." This employee, identified in reports under the alias Jay Gibson, was fired after Williams accused him of the theft. Months after his dismissal, Gibson received an Apple notification warning his personal iPhone had been targeted by a "mercenary spyware attack."

It remains unclear who was behind that hack, with speculation it could have been part of the FBI's investigation into Williams. An FBI spokesperson declined to comment beyond the Justice Department's official release.

Broader Implications and Silent Tech Giants

A major unresolved issue is whether US authorities or L3Harris alerted technology companies like Apple or Google, whose products may have been compromised by the leaked vulnerabilities. When contacted, neither tech giant, nor L3Harris, responded to requests for comment. The lack of notification leaves potential security flaws unpatched and users at risk.

The sentencing concludes one of the most high-profile leaks of Western cyber tools in recent years, underscoring the lucrative and shadowy market for digital weapons. Operation Zero's founder, Sergey Zelenyuk, was also sanctioned by the US Treasury, which described the company's activities as a direct threat to national security.