Wendy Nather at Dark Reading has a post on the explosion of white hat “offensive defense”.
She speaks to an issue I have been thinking about for some time. More and more security firms and internal security groups are going “offensive”. They are setting up more and more honey pots, creating fake malware, posting about false vulnerabilities, and actively participating in hacker forums. Even the hackers are getting in on the action by dropping false information and leads.
At what point does the false information start to swamp the real and cause the value of the collected intelligence to degrade? Undercover law enforcement calls the problem “blue on blue”, where one group (typically overt) is actively investigating an undercover group.
I was told a story like this by a friend in law enforcement. He told of a drug case. A deal was going down in a warehouse between some drug distributors and drug importers. In the middle of the transaction the warehouse was raided by the local police. Turns out, everyone there was in law enforcement.
Even if that story was apocryphal, it illustrates what we are likely to see on-line. Undercover is in many ways easier and certainly less dangerous on-line, and we are likely to see many private investigations in addition to official law enforcement activities.
This is likely to get interesting. The Internet may start to feel like Cold War Vienna, where you never know where anyone really stands.