Abstract: | ‘Illegals’ are extensively trained individuals dispatched abroad under false identities with no observable links to their operating country. Technology has made possible a new kind of ‘virtual illegal,’ one that extends beyond the operating country’s borders without putting a human at risk. When this is done in a targeted manner by a sophisticated attacker it is called an Advanced Persistent Threat (APT). This article draws from historical illegals cases to identify parallels in the preparation, insertion, and control of malware by APTs. Ultimately, the methods for countering the two parallel phenomena can also be similar, despite their physical differences. |