Seven years' prison for Australian who sold zero-days to Russia

By
Former L3Harris division manager Peter Harris sentenced after guilty plea.

Peter Williams, the former general manager of United States defence contractor L3Harris's cyber security arm Trenchant, was today sentenced to seven years and three months in prison by a US district court.

The 39-year-old Williams had pleaded guilty in October last year to selling exploits for zero-day vulnerabilities to a Russian broker.

After serving the prison sentence, Williams faces another three years of conditional supervised release, the US Department of Justice said.

He will also forfeit US$1.3 million in funds, cryptocurrency, his house, and luxury watches and jewellery.

Over a three-year period, Williams was found to have sold eight offensive cyber exploits, for US$4 million ($5.65 million) in cryptocurrency.

Williams admitted that L3 Harris and Trenchant suffered a US$35 million loss through his actions, and the US company may seek restitution for that amount at another hearing in May this year.

“Theft of trade secrets from a company that sells national security-focused cyber and intelligence software to the US government and allied governments necessarily implicates national security, and Mr Williams indeed acknowledges that his actions caused harm to the intelligence communities, both in the US and Australia," district court Judge Loren AliKhan said when sentencing Williams.

Alongside Williams' sentence, the US Treasury's Office of Foreign Assets Control (OFAC) sanctioned the Russian broker the Australian sold the exploits to, Sergey Sergeyevich Zelenyuk, and his Operation Zero company, which was formally registered as Matrix LLC.

A further three Russians, Marina Vasanovich, Azizjon Mamashoyev, and Oleg Kucherov were also sanctioned for being associates of Zelenyuk.

Kucherov is an alleged member of the Trickbot cyber crime gang, the US Treasury said.

Williams is ex-Australian Signals Directorate staffer who became the general manager of L3Harris Trenchant, after the American company bought the Australian cyber security specialist Azimuth in 2018.

