One of the largest international cybersecurity firms claims that the Chinese have hacked since May the Vatican agencies involved in the renewal of the agreement.
by Massimo Introvigne
The renewal of the Vatican-China deal of 2018 is due in September 2020. The agreement is a matter of controversy within the Roman Catholic Church and beyond, although high-placed Vatican officers have indicated that it will be renewed.
That the relationship between the Vatican and the CCP is not one of trust seems to be confirmed by a report published on July 28, 2020 by Recorded Future, one of the largest international cybersecurity firms.
The report claims that, since early May 2020, the CCP has launched a successful cyberattack against the mail servers and computers of several Vatican departments, the Pontifical Institute of Foreign Missions (PIME), the Catholic Diocese of Hong Kong, and the Vatican-related Hong Kong Study Mission to China, whose predecessor played a key role in the 2018 deal. According to Recorded Future, the CCP thus accessed confidential email and documents.
While the attack exhibits similarities to those perpetrated in the past by CCP hackers belonging to a group known as Mustang Panda, or The Bronze President, the report claims that a technical analysis indicated another CCP group of hackers, RedDelta, as the perpetrator of the attack on the Vatican.
The attack started with a mail including as an enclosure a letter signed by Venezuelan Archbishop Edgar Robinson Peña Parra, the Substitute for General Affairs of the Secretariat of State, sent to Monsignor Javier Corona Herrera at the Hong Kong Study Mission to China and including a message from the Vatican Secretary of State, Cardinal Pietro Parolin, conveying the condolences of Pope Francis for the death of the elderly Bishop Joseph Ma Zongmu (1919–2020).
It is unclear whether this was a genuine or a fabricated letter but what is clear, according to the report, is that, by opening the enclosure, the Study Mission in Hong Kong gave to the CCP hackers access to its computers. The other Catholic targets were attacked with the same malware, that Recorded Future claims to have also found in computers of the National Police Academy and the Airport Authority in India, and the Ministry of Internal Affairs in Indonesia, and identified as coming from RedDelta.
In the case of PIME and other Catholic entities, the enclosures including the malware were a spoof of an UCA News article on Hong Kong and a text in Italian taken from the writings of Catholic scholar (living in Iran) Franco Ometto, “Qom: The Vatican of Islam.” Again, once they had opened the enclosures, the recipients had given to the CCP hackers access to their systems.
The relationship between the Vatican and the CCP looks increasingly as a spy story. Bitter Winter’s proposal to make the content of the 2018 deal public seems to maintain its interest in view of these recent developments.
Massimo Introvigne (born June 14, 1955 in Rome) is an Italian sociologist of religions. He is the founder and managing director of the Center for Studies on New Religions (CESNUR), an international network of scholars who study new religious movements. Introvigne is the author of some 70 books and more than 100 articles in the field of sociology of religion. He was the main author of the Enciclopedia delle religioni in Italia (Encyclopedia of Religions in Italy). He is a member of the editorial board for the Interdisciplinary Journal of Research on Religion and of the executive board of University of California Press’ Nova Religio. From January 5 to December 31, 2011, he has served as the “Representative on combating racism, xenophobia and discrimination, with a special focus on discrimination against Christians and members of other religions” of the Organization for Security and Co-operation in Europe (OSCE). From 2012 to 2015 he served as chairperson of the Observatory of Religious Liberty, instituted by the Italian Ministry of Foreign Affairs in order to monitor problems of religious liberty on a worldwide scale.
