Peter Williams Sold Russian Broker Zero-Day Exploit Kits, U.S. Prosecutors Seek Nine Years

Former CEO of Trenchant, a division of defense giant L3Harris specializing in surveillance tools, Peter Williams admitted to selling trade secrets of the utmost importance, and prosecutors say the full extent of his actions was only recently revealed to the public.

“US intelligence agencies, together with the National Intelligence Center (CNI) of Spain and other allies, warn Spain and other partners about the risk of Chinese espionage”

ABC

The U.S. Department of Justice is seeking nine years in prison and $35 million in damages for this betrayal, and it says the stolen information consisted of eight zero-day exploit kits described as security flaws unknown to software publishers and therefore particularly formidable because they are undocumented.

ABC

The DOJ said the exploits were sold to a Russian broker known for his close ties to the Moscow government, and it said the transaction effectively armed a strategic US adversary with tools capable of targeting millions of computers and connected devices.

Prosecutors also say Williams continued his illegal transactions even as the FBI was investigating the breach from late 2024, and they say he supervised Trenchant's internal investigation by having one of his subordinates blamed and fired to divert suspicion.

The U.S. cybersecurity agency is in a period of turbulence after budget cuts and a government shutdown affected the Cybersecurity and Infrastructure Security Agency (CISA), and the Cyberspace Solarium Commission assessment says the United States is lagging in implementing the 82 objectives designed to strengthen its cyber defense.

Politico reported that Madhu Gottumukkala, the acting director of CISA, accidentally downloaded sensitive documents last summer onto a public version of ChatGPT, and the incident occurred while access to ChatGPT was blocked for most Department of Homeland Security (DHS) employees.

BFM

The documents were not classified but were marked 'For Official Use Only', and the downloads repeatedly triggered automated cybersecurity alerts designed to prevent the theft or inadvertent disclosure of government data on federal networks.

Retired Admiral Mark Montgomery attributed the lag to budgetary restrictions imposed on CISA and to disruptions caused by DOGE's interventions within several strategic federal agencies, while CISA said Gottumukkala's use of ChatGPT had been short and limited.

A new inspector general report says bad cybersecurity practices from Secret Service agents left their phones vulnerable to hacking and risked the lives of senior US officials they are charged with protecting.

“Bad cybersecurity practices from Secret Service agents have left their phones vulnerable to hacking and risked the lives of senior US officials they are charged with protecting, according to a new inspector general report”

CNN

The report released Thursday by the Department of Homeland Security inspector general said foreign “adversaries” could have intercepted and exploited Secret Service information, placing at risk our Nation’s leaders, other protectees, and employees.

CNN reports that the probe found Secret Service employes frequently used their less-secure personal phones rather than their government phones while on protective missions, and it said someone who hacks an agent’s personal phone could steal “mission-related data, including contacts, user history, geolocation, and photos.”

The report also found the Secret Service was failing to wipe employees’ phones after returning from international travel and that the agency didn’t have a policy for testing software before it was deployed on employees’ phones, while Secret Service Director Sean Curran said the agency had made “several comprehensive enhancements to Secret Service communications policies and protocols.”