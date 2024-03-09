



A federal cybersecurity agency discovered it had been hacked last month and was forced to take two key computer systems offline, an agency spokesperson and U.S. officials familiar with the matter told CNN. 'incident.

One of the systems affected by the U.S. Cybersecurity and Infrastructure Security Agency runs a program that allows federal, state and local officials to share cybersecurity and physical security assessment tools, according to U.S. officials informed about the subject. The other holds information on safety assessment of chemical facilities, the sources said.

A CISA spokesperson said in a statement that the incident has no operational impact at this time and that the agency continues to upgrade and modernize its systems.

“This is a reminder that any organization can be affected by a cyber vulnerability and that having an incident response plan is a necessary part of resilience,” the spokesperson said, adding that the impact of the hack was limited to two systems, which we immediately took into account. offline.

Both systems run on older technology that was already due to be replaced, sources told CNN.

Part of the Department of Homeland Security, CISA investigates cyber intrusions into federal agencies and advises private critical infrastructure companies on how to strengthen their security.

The Record was first to report the hack.

It was not immediately clear who was behind the hack, but it occurred because of vulnerabilities in popular virtual private network software created by Utah-based IT company Ivanti. For several weeks, CISA has been urging federal agencies and private companies to update their software or take other defensive measures in response to widespread exploitation of Ivanti vulnerabilities by hackers.

Among the hackers exploiting the flaws is a Chinese group focused on espionage, private researchers told CNN.

While there is some irony in this situation, even cybersecurity agencies or managers can fall victim to hacks. After all, they rely on the same technology as the others. America's top cybersecurity diplomat, Nate Fick, said last year that his personal account on social media platform X had been hacked, saying it was part of the perils of his job.

