The January 14, 2013 episode of the popular CBS cop show Hawaii Five-0 offered us more than the great scenery we have come to expect. It offered us three alternative endings.
What was the key lead that allowed the team to solve the case? It was the spearphishing email that the perp sent to the victim. In classic APT style, the email contained malware that gave the perp access to the victim’s files.
In the West Coast ending, the perp missed one key element of an effective APT — he used his own identity in the email attack. If only real APT attackers left such a trail for investigators. But they don’t.