The cyber-security expert Joseph Shenouda tells us about the Vatican Cyber Volunteers. A group of “good hackers” who voluntarily defend the Vatican every day.

---

 

The digital Swiss Guards defending the Vatican.

This is how one could define the Vatican’s “good hackers” who, day and night, stand watch to protect the Holy See on the web.

The group is called Vatican Cyber Volunteers and has been active since 2022. The name alone makes one thing clear: they are volunteers.

This is what struck us most when speaking with Joseph Shenouda, a cyber-security expert, founder and coordinator of the Vatican Cyber Volunteers.

The Vatican is the only State in the world protected by hundreds of hackers who act out of faith, shared values, and the importance of the Church in their lives (not all of them are Catholic).

 

The interview with the Vatican Cyber Volunteers

 

QUESTION – Dr. Shenouda, the Vatican has already collaborated in the past with ethical hackers; your work, however, has been ongoing since 2022. Can you tell us something about it?

ANSWER – Yes, in the past the Vatican had these collaborations which provided a “point-in-time” security assessment, valuable but limited.

A test photographs the state of security at that precise moment but the threat landscape is dynamic and constantly changing.

And the Vatican needs continuous monitoring across all its digital assets to detect and respond to threats as soon as they emerge.

 

QUESTION – Is this what you do then?

ANSWER – Through a global network of volunteers we provide the equivalent of an active video surveillance 24 hours a day, 7 days a week. More precisely, we manage a global network of intelligence for cyber-defense.

In practice we monitor the entire digital spectrum related to the Vatican: from its public assets and network vulnerabilities, to discussions on the dark web, darknet forums and the sale of compromised credentials. This constant vigilance is crucial for proactive defense.

 

QUESTION – What tools do you use?

ANSWER – We use threat intelligence at governmental and international levels, tactics used by groups of sophisticated hackers that allow us to perform “threat hunting”, that is a proactive hunt for threats, looking for signs of compromise based on the latest information about attackers.

 

The Vatican hackers: all volunteers

 

QUESTION – You mentioned a network of volunteers

ANSWER – We work with 110 volunteers from around the world, all professional experts in the field of cybersecurity, employed by various leading companies in the sector.

They donate their time and expertise to detect security alerts and potential threats related to the Vatican’s digital presence.

I act as the central coordinator, collecting all incoming reports, verifying each finding to ensure its accuracy, and then compiling a detailed report for the Vatican’s internal IT department.

Our reports include clear and actionable instructions on how to resolve the identified issue.

 

QUESTION – So there is an active collaboration with the Vatican’s digital security professionals

ANSWER – Yes, we consider ourselves a collaborative partner and a force multiplier for the Vatican’s internal teams. We provide an external and realistic view of security seen from the perspective of a potential attacker.

When we started the Vatican’s infrastructure was in a difficult state. Thanks to close collaboration, the security issues reported by our volunteers have been continuously addressed and resolved by the internal teams.

The operating model is that of an external consultancy group.

 

QUESTION – Are you all volunteers or does anyone have a contractual arrangement with the Vatican?

ANSWER – It is on a voluntary basis, there is no formal contract.

We work remotely and whenever one of our cybersecurity professionals discovers a security alert, they share it with our group. We then verify, check and report.

With so many volunteers using a wide range of professional tools and threat intelligence platforms, we obtain a much broader and more complete coverage than a single internal team could manage alone.

 

QUESTION – How are volunteers recruited? What criteria do you use to avoid sharing sensitive information about the Vatican’s digital security?

ANSWER – We predominantly use LinkedIn, our page serves as the main hub to attract cybersecurity professionals.

Candidate verification is a fundamental part and I use my background in threat intelligence. However, the most important security measure is the operational structure itself: the information flow is designed to be one-way, thus minimizing risks.

 

QUESTION – Which channels do you use to communicate among yourselves?

ANSWER – Individual reports occur through a secure end-to-end encrypted channel like Signal. After it has been verified and used, the chat is deleted and we produce a complete report that we deliver to the Vatican’s IT department.

This compartmentalized approach, based on the principle of “need-to-know” (access limited to strictly necessary information), ensures that no volunteer has a comprehensive view of the Vatican’s security status and that sensitive information is never shared with the group.

They provide raw data and we provide processed intelligence to the Vatican.

 

QUESTION – Are the volunteers all Catholic hackers?

ANSWER – It is a heterogeneous group. Although some volunteers are Catholic, about half of our members come from other Christian denominations or different faiths.

The unifying factor is not a specific religion, but the shared desire to contribute their skills for a good cause and to protect an institution of historical importance.

 

 

What Attacks Does the Vatican Face

 

QUESTION – Can you give a concrete example of a cyberattack against the Vatican that you have handled?

ANSWER – Recently, we discovered and reported a computer on a network affiliated with the Vatican configured as an “open proxy”. Anyone on the Internet could use it to hide their online activity for illicit purposes, making it appear as if the traffic was coming from the Vatican.

Following recent geopolitical events, we also detected activity from malicious actors presumably based in Iran, who were planning retaliatory cyberattacks against Western religious organizations.

Another case involved the hacking of the Augustinian Order’s website, which has ties to the Pope. The attackers had inserted links redirecting visitors to a pornographic website — a clear act of reputational damage.

We often discover databases and login credentials related to Vatican entities for sale on dark web marketplaces and hacker forums. Our timely reporting allows the owners to change their passwords. Every day brings new discoveries.

 

QUESTION – What are the most important Vatican assets that have been digitized? Thinking of the Vatican, one might expect a lot of paper and still little digitalization.

ANSWER – That’s an excellent question, as it highlights an important distinction in our mission. Our primary focus is not on the process of digitalization itself, but rather on the cybersecurity of the Vatican’s existing and future digital infrastructure. These are two distinct, though related, fields.

We protect the entire digital footprint of the Vatican — from publicly accessible websites and communication systems to internal networks and data archives — ensuring confidentiality, integrity, and availability of all currently digitized assets.

 

Why Defend the Vatican for Free?

 

QUESTION – One last question: this is a job that requires time and professional effort — why do you do it?

ANSWER – My motivation stems from a sense of duty and a proactive desire to help.

In 2022, my professional assessment indicated that the Vatican’s external digital posture had considerable room for improvement. I tried to contact them through official channels to offer my assistance, but I received no response.

However, action was necessary, so I took the initiative to create this “digital shield” to proactively identify and report vulnerabilities. Over time, by consistently demonstrating the value and reliability of our work, that initial effort evolved into a relationship of trust and productive collaboration with the Vatican.

I do this work free of charge because I believe in the mission. It’s a way for me to use my specific expertise to protect an institution that is important to me and to millions of other people.

 

QUESTION – What do you expect from the future of this collaboration?

ANSWER – I will continue this work as long as I can, but my hope is to see the Vatican give priority to cybersecurity as a central institutional function. This voluntary effort is, I hope, a catalyst toward that long-term goal.

 

---

Read all the other “Friday Interviews”