CNA Staff, Nov 18, 2020 / 07:00 am
A cyber security expert has urged the Vatican to take immediate action to strengthen its defenses against hackers.
Andrew Jenkinson, group CEO of Cybersec Innovation Partners (CIP) in London, told CNA that he had contacted the Vatican in July to express concern about its vulnerability to cyber attacks.
He said that to date he had received no response, despite making several further attempts to raise the issue with the appropriate Vatican office.
The British cyber security consultancy approached the Vatican following reports in July that suspected Chinese state-sponsored hackers had targeted Vatican computer networks. CIP offered its services to address the vulnerabilities.
In a July 31 email to the Gendarmerie Corps of Vatican City State, seen by CNA, Jenkinson suggested that the breach might have occurred through one of the Vatican’s many subdomains.
Vatican City has a sprawling system of websites administered by the Internet Office of the Holy See and organized under the country code top-level domain “.va”. The Vatican’s web presence has expanded steadily since its launched its main website, www.vatican.va, in 1995.
Jenkinson sent follow-up emails in August and October, emphasizing the urgency of tackling weaknesses in the Vatican’s cyber defenses. He noted that www.vatican.va remained “not secure” months after the breach was reported. He also sought to contact the Vatican through intermediaries.
The Gendarmerie Corps confirmed Nov. 14 that it had received the information sent by Jenkinson. Its command office told CNA that his concerns “have been duly taken into consideration and transmitted, as far as their competence is concerned, to the offices that manage the website in question.”