Hackers linked to the Chinese state have infiltrated Vatican computer networks plus that of the Church’s Hong Kong Diocese, a US firm that tracks state-backed cyber attacks said in a report.
US cybersecurity firm Recorded Future said the attacks began in May.
“The Vatican and the Catholic Diocese of Hong Kong were among several Catholic church-related organizations that were targeted by RedDelta, a Chinese-state sponsored threat activity group tracked by Insikt Group,” said Recorded Future’s report released July 28. Insikt Group is the company’s threat intelligence research arm.
“This series of suspected network intrusions also targeted the Hong Kong Study Mission to China and the Pontifical Institute for Foreign Missions (PIME), Italy,” it said.
The Hong Kong Study Mission is seen as Pope Francis’ de facto representative to China.
The report said the targets included communications between the Hong Kong Diocese and the Vatican and used similar tools and methods previously identified with Chinese state-backed hacking groups.
The report comes as the Vatican and Beijing are expected to engage in talks this year over the renewal of a landmark 2018 deal on bishop appointments.
The report also follows news last week on how hackers — believed to be backed by the Chinese state — had hit members of the Hong Kong Catholic Church in a series of spear-phishing operations revealed by a malware analyst. The hacking attacks came to light as Hong Kong’s church leaders openly backed pro-democracy protests in the city despite warnings from the Vatican for clergy to remain neutral.
Beijing routinely denies it engages in any state-backed hacking attempts, and says it is a victim of such threats.
The reported hacking follows an extremely rare meeting between Beijing and the Vatican’s foreign minister in Germany earlier this year, marking the highest-level official encounter between the two sides in decades.
A Chinese delegation had been due to visit the Vatican as part of continuing talks but there was no indication if or when they would travel because of the coronavirus outbreak, a senior Vatican source has said.
The source, who spoke to Reuters before the hacking report, said it was still not clear if the deal would be automatically extended because of the pandemic and for how long.