Cybersecurity expert urges Vatican to strengthen internet defences

A cyber security expert has urged the Vatican to take immediate action to strengthen its defenses against hackers.

Andrew Jenkinson, group CEO of Cybersec Innovation Partners (CIP) in London, said that he had contacted the Vatican in July to express concern about its vulnerability to cyber attacks.

He said that to date he had received no response, despite making several further attempts to raise the issue with the appropriate Vatican office.

The British cyber security consultancy approached the Vatican following reports in July that suspected Chinese state-sponsored hackers had targeted Vatican computer networks. CIP offered its services to address the vulnerabilities.

In a July 31 email to the Gendarmerie Corps of Vatican City State, Jenkinson suggested that the breach might have occurred through one of the Vatican’s many subdomains. 

Vatican City has a sprawling system of websites administered by the Internet Office of the Holy See and organized under the country code top-level domain “.va”. The Vatican’s web presence has expanded steadily since its launched its main website, www.vatican.va, in 1995. 

Jenkinson sent follow-up emails in August and October, emphasizing the urgency of tackling weaknesses in the Vatican’s cyber defenses. He noted that www.vatican.va remained “not secure” months after the breach was reported. He also sought to contact the Vatican through intermediaries.

The Gendarmerie Corps confirmed Nov. 14 that it had received the information sent by Jenkinson. Its command office told CNA that his concerns “have been duly taken into consideration and transmitted, as far as their competence is concerned, to the offices that manage the website in question.”

A report, released July 28, said that hackers had breached Vatican websites in an attempt to give China an advantage in negotiations to renew a provisional deal with the Holy See.  

Researchers said they had uncovered “a cyberespionage campaign attributed to a suspected Chinese state-sponsored threat activity group,” which they referred to as RedDelta.

The study was compiled by the Insikt Group, the research arm of the U.S.-based cybersecurity company Recorded Future. 

In a follow-up analysis, published Sept. 15, the Insikt Group said that hackers had continued to focus on the Vatican and other Catholic organizations even after their activities were publicized in July.

It noted that RedDelta ceased its activities immediately after the publication of its initial report. 

“However, this was short-lived, and within 10 days, the group returned to its targeting of the Hong Kong Catholic Diocese mail server, and within 14 days, a Vatican mail server,” it said.––CNA