The Washington Post sort-of covers honeypots, but mixes in national security issues. But one paragraph is out of place, because the article doesn’t really cover strike-back:
Those actions probably would violate federal law, FBI officials said. The bureau also warns that the use of deceptive tactics could backfire – hackers who identify data as bogus may be all the more determined to target the company trying to con them.
TL;DR: good guys are baiting systems with data, not just standing up honeypots. Then they can alert any time anyone touches the bait – there are a bunch of ways to do this. We talked a little about this last year.
And yep, we are implementing it ourselves in a few places – no special security products needed.
Don’t ask us where.