This story by Kim Zetter explains what happened last year when the DHS claimed that Russians had hacked a utility in Illinois. There are three lessons here.
The first lesson is that cyber has become the null hypothesis. Right now, your large organization has machines infected with viruses and has evidence of attack in firewall and IPS logs. When something unusual happens, it becomes impossible not to draw a connection between the two. That's what happened in Illinois: when a pump failed, they found a five month old login from Russia, and drew a (false) connection.
The second lesson is that experts pass on rumors, too. Just because a guy is from the DHS or CIA doesn't mean you should believe them. Sure, sometimes what they say is fact, but most of the time, they are just passing on rumors they've heard. That's what happened in stories like the Brazilian hacker power outage that was actually caused by forest fires, or another case of hackers causing blackouts for extortion revealed by the CIA. They had no evidence, they were just passing on rumors they heard, there was no special reason to believe them.
Which leads to the third lesson: the government serves a higher truth. By "higher truth" I mean "lies". That's what Zetter documents in her story: the DHS considers the mistake a "success" because it "generated interest" in cyber attacks. The DHS, the CIA, and the NSA believe they are doing a good thing passing on lies, half-truths, and uncorrected information. What that means to the public is that we cannot trust them.