The Internet's criminal underground shares a lot of information. Technical tips and newly found net vulnerabilities are traded in password protected chat rooms and encrypted e-mail groups. When the black hats see a particularly promising new vulnerability, they go in themselves. They proceed very carefully. The criminal black hats plan their operations as thoroughly as a professional heist. Nothing is left to chance, for getting caught can be fatal. In China, they execute black hats.
Until recently, the only way you found out about a successful black hat operation was after it was too late. And sometimes not even then. The black hats covered their tracks carefully. To them, a successful operation was one that was never discovered. Then the white hats came up with the concept of honey pots.
The honey pots have proven useful in finding out what tools and techniques the black hats have. This makes it possible to build better defenses. Honey pots also make the black hats uncomfortable and less confident that any server they are hacking into is not rigged to catch them. This makes the white hats happy.
Perhaps the next step is to configure the honey pot so that it sends a return message to the hacker's computer informing him that he's now toast and can expect to spend the next twenty years providing tech support for the staff at the federal penitentiary.
RLC