Australian sentenced to jail for selling US security secrets

An Australian man has received a seven-year jail sentence for selling US security trade secrets to a Russian broker.

Formerly a general manager at a US defence contractor, Peter Williams was found to have sold “incredibly powerful” tools which would have allowed Russia to “access millions of digital devices”, according to Jeanine Pirro, US Attorney for the District of Columbia.

Over a three-year period, the 39-year-old Australian national yielded “up to US$4 million” in cryptocurrency by stealing and selling eight separate ‘cyber-exploit components’.

According to the US Department of Justice (DOJ), these components were “national-security focused software” exclusively intended for the US government and “select allies”.

In addition to 87 months in prison, Williams was ordered to serve three years supervised release with “special conditions”.

Judge Loren AliKhan further ordered Williams to pay $1.83 million (US$1.3 million) in restitution and $1.83 million (US$1.3 million) in forfeitures.

According to DOJ, Williams will also need to hand over a house, various luxury items (such as watches, jewellery, and expensive clothing), and other property.

“By betraying a position of trust and selling sensitive American technology, Williams’ crime is not only one of theft, it is a crime of national security,” said Pirro.

“Our nation’s defence capabilities are not commodities to be auctioned off.”

Stealing from within

Williams was reportedly employed as general manager at Trenchant, a subsidiary of defence contractor and exploits developer L3Harris.

While much of L3Harris’ work is “de facto neither public nor publicised”, the company markets Trenchant as a “world authority” on cyber capabilities with clients across numerous US-allied governments and agencies.

Notably, Trenchant was formed after L3Harris acquired Australian startups Azimuth Security and Linchpin Labs in 2018.

Both companies developed and sold significant cybersecurity exploits to Western authorities, which reportedly included solutions for cracking into mobile devices and computers.

DOJ did not name Trenchant, though the department confirmed Williams used his access to a “defence contractor’s secure network” to steal trade secrets between April 2022 and August 2025.

Using the alias John Taylor, Williams repeatedly reached out to a Russian broker and entered written contracts which involved payment for initial sale, and additional periodic payments for ongoing support.

Williams initially pleaded guilty in October 2025.

Although he originally faced a maximum of 20 years in a US prison, Williams entered a plea agreement and admitted his actions cost his former employer “a financial loss of US$35 million dollars”.

“Theft of trade secrets from a company that sells national security-focused cyber and intelligence software to the US government and allied governments necessarily implicates national security,” said AliKhan.

“Williams indeed acknowledges that his actions caused harm to the intelligence communities, both in the US and Australia.”

According to ABC News, prosecutors further confirmed Williams worked for the Australian Signals Directorate prior to moving to the US.

Russian hack-trader sanctioned

DOJ said Williams contacted and delivered the stolen trade secrets to a cyber-tools broker through “encrypted means”.

Though the department did not overtly name the broker, it described a Russian entity which advertised itself as a “reseller of cyber exploits” to various customers, including the Russian government.

Concurrent with Williams’ jail sentence, the US Treasury and US State Department both announced sanctions for a broker known as Operation Zero.

_{Operation Zero pays hackers for new methods to crack phones, PCs, and more. Source: Operation Zero’s website.}

The Treasury noted Operation Zero – headquartered in St. Petersburg, Russia – offered millions in rewards to anyone willing to provide them with exploits for US-built software, and had previously purchased stolen cyber tools from Williams.

Operation Zero and its owner Sergey Zelenyuk received first-of-their-kind sanctions under the Protecting American Intellectual Property Act following “their acquisition and distribution of cyber tools harmful to US national security”.

“If you steal US trade secrets, we will hold you accountable,” said Scott Bessent, secretary of the Treasury.