Last month, a federal agency responsible for cybersecurity found itself targeted in a hacking incident, leading to the shutdown of two critical computer systems, according to a spokesperson for the agency and sources familiar with the matter speaking to CNN.

One of the affected systems at the US Cybersecurity and Infrastructure Security Agency (CISA) supports a program facilitating the exchange of cyber and physical security assessment tools among federal, state, and local officials. The other system contains information related to security assessments of chemical facilities, as per the sources.

Despite the incident, a CISA spokesperson emphasized that there is currently no operational impact and assured that the agency is actively working on upgrading and modernizing its systems.

"This serves as a stark reminder that any organization, regardless of its cybersecurity measures, can fall victim to cyber vulnerabilities. Having a robust incident response plan in place is crucial for resilience," the spokesperson noted, highlighting that the impact of the hack was contained to the two systems, which were promptly taken offline.

Sources familiar with the matter revealed that both systems were running on outdated technology slated for replacement.

As a division of the Department of Homeland Security, CISA is tasked with investigating cyber intrusions at federal agencies and providing guidance to private critical infrastructure entities to enhance their security posture.

Initial reports on the hack surfaced through The Record.

While the perpetrators behind the hack remain unidentified, it was executed through vulnerabilities present in widely-used virtual private networking software developed by Ivanti, a Utah-based IT company. In response to the widespread exploitation of these vulnerabilities, CISA had been urging federal agencies and private organizations to update their software and adopt other defensive measures.

Private researchers have previously linked the exploitation of Ivanti vulnerabilities to a Chinese espionage-focused group.

The irony of cybersecurity agencies or officials falling victim to hacking is not lost. These entities rely on the same technology infrastructure as others, making them susceptible to cyber threats. In a similar vein, Nate Fick, a prominent US cybersecurity diplomat, disclosed last year that his personal social media account was hacked, citing it as part of the inherent risks associated with his role.