A former senior cybersecurity executive at L3Harris Technologies has been ordered to pay $10 million in restitution after stealing advanced hacking and surveillance tools from the defense contractor and selling them to a Russian exploit broker tied to the Russian government.
A judge issued the order on Wednesday against Peter Williams, a 39-year-old Australian citizen who previously worked for one of Australia’s intelligence agencies.
The restitution order comes in addition to the $1.3 million Williams had already been ordered to repay to L3Harris.
Williams was previously the general manager of Trenchant, L3Harris’ hacking and surveillance technology division that develops spyware and cyber tools for the U.S. government and allied intelligence agencies.
Veteran cybersecurity reporter Kim Zetter first reported details of the latest restitution order through her newsletter.
Stolen Tools Were Sold To Russian Exploit Broker
Federal prosecutors accused Williams last year of stealing seven trade secrets from Trenchant.
The stolen materials were believed to include cyber exploits and surveillance technologies capable of compromising software vulnerabilities and monitoring targeted systems.
According to prosecutors, Williams sold the stolen tools to Operation Zero, a Russian exploit broker that publicly states it works exclusively with Russian government agencies and domestic organizations.
The U.S. government has described Operation Zero as “one of the world’s most nefarious exploit brokers.”
Williams pleaded guilty and received a prison sentence exceeding seven years.
Court filings stated that Williams earned approximately $1.3 million from the sale of the stolen materials.
Prosecutors said he used the money to purchase luxury watches, a home near Washington, D.C., and family vacations.
L3Harris told prosecutors the theft caused losses estimated at as much as $35 million.
Tools Were Later Used In Cyberattacks
According to prosecutors, Williams exploited privileged “full access” permissions inside Trenchant’s internal systems to extract the hacking tools from company networks.
TechCrunch previously reported that some of the stolen cyber tools were later identified in attacks linked to Russian intelligence operations in Ukraine.
Former L3Harris employees reportedly recognized portions of the stolen code in cybersecurity research later published by Google after the company investigated related cyberattacks.
The same tools were also later associated with activity involving Chinese cybercriminals, according to former employees familiar with the stolen materials.
Federal prosecutors argued that Williams endangered U.S. national security interests and intelligence relationships within the Five Eyes alliance by transferring the tools to Russian-linked entities.
The Five Eyes intelligence-sharing alliance includes the United States, Australia, Canada, New Zealand, and the United Kingdom.
Prosecutors Said Williams Tried To Frame Employee
Court records also alleged that Williams attempted to shift blame for the theft onto one of his own employees.
The case has been described by investigators as one of the most serious leaks of advanced cyber capabilities involving the United States and allied intelligence partners in recent years.
Featured image credits: Onit
For more stories like it, click the +Follow button at the top of this page to follow us.