Cyber experts report 'chasing ghosts' after US warning
Worried customers were following the government's advice, issued Dec. 29, and comparing digital logs recording incoming network traffic to their computers and finding matches to a list of hundreds of internet addresses the Homeland Security Department had identified as indicators of malicious Russian intelligence services cyber activity.
The incident illustrated the difficulties and dangers of imprecise government warnings on cybersecurity, especially when national security concerns are at play and sensitive details may compromise information sources.
The Associated Press found that nearly one quarter of the internet addresses identified by the Obama administration as potentially tied to Russian activity had traced back to computer servers that help users browse the internet anonymously.
Other internet addresses released by the Homeland Security Department traced to servers at American universities and email provider Yahoo Inc. The government cautioned that the addresses weren't automatically tied to Russian malicious activity, but instead were indicators that computer security experts should investigate further.