US defense contractor who sold hacking tools to Russian broker ordered to pay $10M to former employers

Source: TechCrunch

Overview

Peter Williams, a veteran cybersecurity executive and former head of the hacking and surveillance technology division at U.S. defense contractor L3Harris, has been ordered to pay $10 million in restitution to his former employer. Williams was the central figure in one of the worst leaks of advanced hacking tools in the history of the United States and its closest allies.

On Wednesday, a judge ordered Williams to pay the $10 million in restitution on top of the $1.3 million he had already been ordered to pay to L3Harris. Williams, a 39‑year‑old Australian citizen who previously worked for an Australian intelligence agency, was until last year the general manager of Trenchant—L3Harris’ division that develops advanced spyware and hacking tools for the U.S. government and its Five Eyes allies (Australia, Canada, New Zealand, and the United Kingdom).

Veteran cybersecurity reporter Kim Zetter first reported the new restitution order in her newsletter. Williams’ lawyers did not respond to a request for comment.

Arrest, Charges, and Sentencing

Last year, Williams was arrested and accused of stealing seven unspecified trade secrets—almost certainly cyber exploits and surveillance technology—from Trenchant and then selling them to Operation Zero, a Russian broker that claims to work exclusively with the Russian government and local companies.

Williams pleaded guilty and was sentenced to more than seven years in prison.

Financial Gains and Losses

Williams made $1.3 million from selling the trade secrets, which he used to purchase luxury watches, a house near Washington, D.C., and family vacations. Trenchant told prosecutors that it suffered losses of up to $35 million due to Williams’ theft.

Impact of the Leaked Tools

U.S. prosecutors said Williams “betrayed” the United States and its allies by giving Operation Zero tools that could have been used to hack millions of computers and devices around the world. After the sale, some of the tools were reportedly used by Russian government spies in Ukraine and later by Chinese cybercriminals, according to former L3Harris employees who recognized the stolen code in cybersecurity research published by Google.

Williams also attempted to frame one of his employees for the theft.

References

• Peter Williams profile – TechCrunch
• Judge’s order (PDF)
• Inside the story of the US defense contractor who leaked hacking tools to Russia
• Kim Zetter’s newsletter report
• Arrest and accusations (Oct 2025)
• Operation Zero profile
• Williams’ guilty plea and sentencing (Oct 2025 & Feb 2026)
• Potential misuse of the tools (Feb 2026)
• Research linking stolen code to attacks (Mar 2026)