A cyber security expert has urged the Vatican to take immediate action to strengthen its defenses against hackers.
The Catholic News Agency noted that cybersecurity expert Andrew Jenkinson of Cybersec Innovation Partners in London has expressed concern over the Vatican’s vulnerability to cyber attacks.
The British cybersecurity expert said he still had to receive a response from the appropriate Vatican office.
The Vatican has a sprawling system of websites administered by the Internet Office of the Holy See and organized under the country code top-level domain “.va.”
The Vatican’s web presence has expanded steadily since it launched its main website, www.vatican.va, in 1995.
Jenkinson noted that www.vatican.va remained “not secure” months after a breach was reported this year.
A report, released July 28, said hackers had breached Vatican websites in an attempt to give China an advantage in negotiations to renew a provisional deal with the Holy See.
Researchers said they had uncovered “a cyberespionage campaign attributed to a suspected Chinese state-sponsored threat activity group,” which they referred to as RedDelta.
The study was compiled by the Insikt Group, the research arm of the US-based cybersecurity company Recorded Future.
In a follow-up analysis, published September 15, the Insikt Group said hackers had continued to focus on the Vatican and other Catholic organizations.
It noted that RedDelta ceased its activities immediately after the publication of Insikt’s initial report.
“However, this was short-lived, and within 10 days, the group returned to its targeting of the Hong Kong Catholic Diocese mail server, and within 14 days, a Vatican mail server,” it added.
Hackers have frequently targeted the Vatican since it first went online.
In 2012, the hacking group Anonymous briefly blocked access to www.vatican.va and disabled other sites, including those of the Vatican secretariat of state and the Vatican newspaper L’Osservatore Romano.
Jenkinson told the Catholic News Agency that the Vatican had no time to waste in shoring up its defenses because the coronavirus crisis had created “a perfect storm for cyber criminals.”