"However, this was short-lived, and within 10 days, the group returned to its targeting of the Hong Kong Catholic Diocese mail server, and within 14 days, a Vatican mail server," it said.
"This is indicative of RedDelta's persistence in maintaining access to these environments for gathering intelligence, in addition to the group's aforementioned high risk tolerance."
Parolin said Monday that he expected that the Vatican would renew the China deal, which was signed on Sept. 22, 2018 and is due to expire in October.
"With China, our current interest is to normalize the life of the Church as much as possible, to ensure that the Church can live a normal life, which for the Catholic Church is also to have relations with the Holy See and with the Pope," Parolin said Sept. 14, according to Italian bishops' news agency SIR.
The Insikt Group concluded that RedDelta was willing to risk exposure in order to gain access to confidential information.
It said: "Given the continued RedDelta activity despite extensive public reporting, we expect the group to continue operating with a high operational tempo with minor tweaks in TTPs [Tactics, Techniques, and Procedures]."
"In previous reporting, we highlighted the group's targeting of entities such as religious organizations and non-governmental organizations (NGOs), which often lack the ability or will to adequately invest in security and detection measures. This likely further fuels the group's willingness to reuse publicly known infrastructure and TTPs."