Washington, D.C. – A federal court in the United States has sentenced Peter Williams, a 39-year-old former Australian cyber security executive, to 87 months in prison for stealing and selling highly sensitive cyber-exploit tools to a Russian cyber-tools broker — in a case authorities say underscores the severe national security risks posed by insider threats.
Williams, who once led the cyber division of U.S. defense contractor L3Harris’s Trenchant unit, admitted in a Washington, D.C. courtroom that he stole eight proprietary cyber-exploit components over a three-year period and sold them to a Russian brokerage known as Operation Zero in exchange for millions of dollars in cryptocurrency.
These tools — often referred to as zero-day exploits, meaning vulnerabilities with no known fixes — were intended exclusively for use by the U.S. government and its closest intelligence partners. Prosecutors argued that in the wrong hands such capabilities could enable extensive cyber-attacks, espionage, and fraud against government and private networks worldwide.
In addition to the prison term, the court ordered Williams to serve three years of supervised release, forfeit approximately US $1.3 million in assets including cryptocurrency, his home, luxury watches, and other valuables, and will set a restitution hearing for May 2026.
Officials from the Department of Justice stressed the gravity of the crime. Assistant Attorney General for National Security John A. Eisenberg said Williams “exploited his senior role at a U.S. defence contractor to enrich himself at the expense of the United States and his employer,” noting that the stolen software was meant to “protect this Nation.”
The Federal Bureau of Investigation also highlighted the broader threat: the sale of these tools to foreign entities — particularly those linked to adversarial governments — represents a clear violation of trust and poses significant risks to national and allied security infrastructure.
The case has prompted parallel action from U.S. financial authorities. The U.S. Treasury’s Office of Foreign Assets Control (OFAC) and the State Department have levied sanctions against Operation Zero and associated individuals, aiming to disrupt the broker network that trafficked in these stolen cyber capabilities.
