You know what? This reads like a spy thriller – except it’s real life. U.S. prosecutors say Peter Williams, a former general manager at L3Harris’s elite cyber division Trenchant, secretly sold top-secret hacking tools to a Russian buyer for about $1.3 million. According to court documents seen by Reuters and CyberScoop, Williams allegedly stole eight different trade secrets from April 2022 through mid-2025, trafficking them “outside of the United States” — specifically into Russia. Williams, a 39-year-old Australian residing in Washington, D.C., led Trenchant from October 2024 until he left the company in August 2025.
According to the Department of Justice, between April 2022 and June 2025, Williams allegedly took seven separate trade secrets from two unnamed companies with the intention of selling them to a buyer in Russia. Then, between June and August 6, 2025, he allegedly stole an eighth secret under the same plan. Over the course of more than three years, prosecutors claim, he quietly copied confidential files and lined up a Russian purchaser. They say he earned about $1.3 million from these deals, prompting the government to seek forfeiture of all proceeds and assets linked to the crime. On October 14, 2025, the DOJ formally charged him in D.C. federal court.
The indictment details how Williams “did knowingly steal, and without authorization, appropriate, take, carry away, and conceal” the classified information with full knowledge that he would sell it to Russia. These actions violate the U.S. Trade Secrets Act — a law designed to protect critical national security technologies.
To understand how serious this case is, you need to know what Trenchant does. The division was created in 2018 when L3 Technologies (now L3Harris) acquired two Australian hacking startups, Azimuth Security and Linchpin Labs, for about $200 million. Both companies specialized in “zero-day” exploits — undisclosed software vulnerabilities that can break into iPhones, Android devices, and even the Tor browser. These exploits were reportedly sold only to the Five Eyes intelligence alliance (the U.S., UK, Canada, Australia, and New Zealand). In essence, Trenchant builds cyber weapons that governments rely on to protect national interests. L3Harris describes its mission as providing “offensive cyber capabilities” to allied nations to “make the world a safer place.” But the idea that one of its leaders may have funneled such tools to Russia is deeply alarming — it’s like handing an adversary the blueprints to the West’s digital arsenal.
If the accusations are true, this case is more than corporate theft — it’s a national security breach. A single insider compromising highly sensitive zero-days could allow Russia to study, counter, or even repurpose them against the U.S. and its allies. Billions of dollars in cyber defense investments could be rendered useless.
The DOJ isn’t just charging Williams — it’s going after his alleged spoils. The forfeiture list reads like something out of a spy novel. Investigators are targeting his Washington, D.C., home, claiming it was bought with illicit funds. They also list 22 luxury watches, including Rolexes, Omegas, Tag Heuers, a Grand Seiko, and even an Apple Watch Hermès. The list continues with designer accessories like a light-blue Louis Vuitton handbag, a Tiffany diamond “Lock” bangle, and a diamond and tanzanite ring. Authorities also identified two Moncler winter jackets and funds across multiple bank and crypto accounts — from Wise UK and Commonwealth Bank of Australia to Coinbase, Gemini, and Chase. The government says if any of these assets can’t be located, they’ll seize other property of equal value.
Despite the gravity of the allegations, Williams is not currently in custody. TechCrunch reported that some former Trenchant employees believed he’d been arrested, but the DOJ later clarified he hasn’t been detained. Sources suggest authorities may have been quietly building their case while public reports spread. Interestingly, L3Harris’s Trenchant division was already investigating a 2025 leak involving browser exploits before Williams’s indictment. One ex-employee reportedly claimed they were wrongly blamed for that breach — raising questions about whether the two incidents are related.
L3Harris and Williams’s defense attorney, John Rowley, have declined to comment. Williams is scheduled to appear in D.C. federal court on October 29 for arraignment, where a plea hearing will follow. If convicted, he faces up to 10 years in prison per count of trade-secret theft, along with the loss of millions in assets.
This case sends a chilling message: even the most secure cyber defense networks are vulnerable if one trusted insider turns rogue. For L3Harris, a key contractor for U.S. intelligence and defense operations, the fallout could be enormous — not just financially, but strategically. The trial may uncover how much damage was done, whether more insiders were involved, and just how deeply U.S. cyber capabilities may have been compromised.
Sources: U.S. Department of Justice court filings, CyberScoop, Reuters, TechCrunch, SC World, The Register, and CourtListener.