![\"vatican](\"https:\/\/www.uccronline.it\/eng\/wp-content\/uploads\/2025\/10\/hacker_vaticano.webp\")
<\/p>\n<\/p>\n
The cyber-security expert Joseph Shenouda<\/strong> tells us about the Vatican Cyber Volunteers. A group of “good hackers”<\/strong> who voluntarily defend the Vatican every day.<\/i><\/p>\n <\/p>\n The digital Swiss Guards<\/strong> defending the Vatican.<\/p>\n This is how one could define the Vatican’s “good hackers”<\/strong> who, day and night, stand watch to protect the Holy See on the web.<\/p>\n The group is called Vatican Cyber Volunteers<\/b><\/mark> and has been active since 2022. The name alone makes one thing clear: they are volunteers<\/strong>.<\/p>\n This is what struck us most when speaking with Joseph Shenouda<\/strong><\/mark>, a cyber-security expert, founder and coordinator of the Vatican Cyber Volunteers.<\/p\n\n\n\n The Vatican is the only State in the world<\/strong> protected by hundreds of hackers who act out of faith, shared values, and the importance of the Church in their lives (not all of them are Catholic).<\/p>\n <\/p>\n <\/p>\n QUESTION – Dr. Shenouda, the Vatican has already collaborated in the past with ethical hackers; your work, however, has been ongoing since 2022. Can you tell us something about it?<\/i><\/b><\/p>\n ANSWER – Yes, in the past the Vatican<\/strong> had these collaborations which provided a “point-in-time” security assessment, valuable but limited.<\/p>\n A test photographs the state of security at that precise moment but the threat landscape<\/strong> is dynamic and constantly changing.<\/p>\n And the Vatican needs continuous monitoring<\/strong> across all its digital assets to detect and respond to threats as soon as they emerge.<\/p>\n <\/p>\n QUESTION – Is this what you do then?<\/i><\/b><\/p>\n ANSWER – Through a global network of volunteers we provide the equivalent of an active video surveillance 24 hours a day<\/strong>, 7 days a week. More precisely, we manage a global network of intelligence<\/strong> for cyber-defense.<\/p>\n In practice we monitor the entire digital spectrum<\/strong> related to the Vatican: from its public assets and network vulnerabilities, to discussions on the dark web<\/strong>, darknet forums and the sale of compromised credentials. This constant vigilance is crucial for proactive defense.<\/p>\n <\/p>\n QUESTION – What tools do you use?<\/i><\/b><\/p>\n ANSWER – We use threat intelligence<\/strong> at governmental and international levels, tactics used by groups of sophisticated hackers<\/strong> that allow us to perform “threat hunting”, that is a proactive hunt for threats, looking for signs of compromise<\/strong> based on the latest information about attackers.<\/p>\n <\/p>\n <\/p>\n QUESTION – You mentioned a network of volunteers<\/i><\/b><\/p>\n ANSWER – We work with 110 volunteers from around the world<\/strong>, all professional experts in the field of cybersecurity, employed by various leading companies in the sector.<\/p>\n They donate their time<\/strong> and expertise to detect security alerts and potential threats related to the Vatican’s digital presence.<\/p>\n I act as the central coordinator<\/strong>, collecting all incoming reports, verifying each finding to ensure its accuracy, and then compiling a detailed report for the Vatican’s internal IT department.<\/p>\n Our reports include clear and actionable instructions<\/strong> on how to resolve the identified issue.<\/p>\n <\/p>\n QUESTION – So there is an active collaboration with the Vatican’s digital security professionals<\/i><\/b><\/p>\n ANSWER – Yes, we consider ourselves a collaborative partner<\/strong> and a force multiplier for the Vatican’s internal teams. We provide an external and realistic view of security seen from the perspective of a potential attacker<\/strong>.<\/p>\n When we started the Vatican’s infrastructure was in a difficult state<\/strong>. Thanks to close collaboration, the security issues reported by our volunteers have been continuously addressed and resolved by the internal teams.<\/p>\n The operating model is that of an external consultancy<\/strong> group.<\/p>\n <\/p>\n QUESTION – Are you all volunteers or does anyone have a contractual arrangement with the Vatican?<\/i><\/b><\/i><\/p>\n ANSWER – It is on a voluntary basis, there is no formal contract<\/strong>.<\/p>\n We work remotely and whenever one of our cybersecurity professionals discovers a security alert<\/strong>, they share it with our group. We then verify, check and report.<\/p>\n With so many volunteers using a wide range of professional tools and threat intelligence platforms, we obtain a much broader<\/strong> and more complete coverage than a single internal team could manage alone.<\/p>\n <\/p>\n QUESTION – How are volunteers recruited? What criteria do you use to avoid sharing sensitive information about the Vatican’s digital security?<\/i><\/b><\/p>\n ANSWER – We predominantly use LinkedIn<\/strong>, our page serves as the main hub to attract cybersecurity professionals.<\/p>\n Candidate verification is a fundamental part and I use my background in threat intelligence<\/strong>. However, the most important security measure is the operational structure itself: the information flow is designed to be one-way<\/strong>, thus minimizing risks.<\/p>\n <\/p>\n QUESTION – Which channels do you use to communicate among yourselves?<\/i><\/b><\/p>\n ANSWER – Individual reports occur through a secure end-to-end encrypted channel like Signal<\/strong>. After it has been verified and used, the chat is deleted<\/strong> and we produce a complete report that we deliver to the Vatican’s IT department.<\/p>\n This compartmentalized approach, based on the principle of “need-to-know”<\/strong> (access limited to strictly necessary information), ensures that no volunteer has a comprehensive view<\/strong> of the Vatican’s security status and that sensitive information is never shared with the group.<\/p>\n They provide raw data and we provide processed intelligence<\/strong> to the Vatican.<\/p>\n <\/p>\n QUESTION – Are the volunteers all Catholic hackers?<\/i><\/b><\/p>\n ANSWER – It is a heterogeneous<\/strong> group. Although some volunteers are Catholic, about half of our members come from other Christian denominations<\/strong> or different faiths.<\/p>\n The unifying factor is not a specific religion, but the shared desire to contribute their skills for a good cause<\/strong> and to protect an institution of historical importance.<\/p>\n <\/p>\n <\/p>\n <\/p>\n QUESTION – Can you give a concrete example of a cyberattack against the Vatican that you have handled?<\/i><\/b><\/p>\n ANSWER – Recently, we discovered and reported a computer on a network affiliated with the Vatican configured as an “open proxy”<\/strong>. Anyone on the Internet could use it to hide their online activity for illicit purposes, making it appear as if the traffic was coming from the Vatican.<\/p>\n Following recent geopolitical events, we also detected activity from malicious actors presumably based in Iran<\/strong>, who were planning retaliatory cyberattacks against Western religious organizations.<\/p>\n Another case involved the hacking of the Augustinian Order\u2019s<\/strong> website, which has ties to the Pope. The attackers had inserted links redirecting visitors to a pornographic website<\/strong> \u2014 a clear act of reputational damage.<\/p>\n We often discover databases and login credentials related to Vatican entities for sale on dark web marketplaces<\/strong> and hacker forums. Our timely reporting allows the owners to change their passwords. Every day brings new discoveries.<\/p>\n <\/p>\n QUESTION – What are the most important Vatican assets that have been digitized? Thinking of the Vatican, one might expect a lot of paper and still little digitalization.<\/i><\/b><\/p>\n ANSWER – That\u2019s an excellent question, as it highlights an important distinction in our mission. Our primary focus is not on the process of digitalization<\/strong> itself, but rather on the cybersecurity<\/strong> of the Vatican\u2019s existing and future digital infrastructure. These are two distinct, though related, fields.<\/p>\n We protect the entire digital footprint<\/strong> of the Vatican \u2014 from publicly accessible websites and communication systems to internal networks and data archives \u2014 ensuring confidentiality, integrity, and availability of all currently digitized assets.<\/p>\n <\/p>\n <\/p>\n QUESTION – One last question: this is a job that requires time and professional effort \u2014 why do you do it?<\/i><\/b><\/p>\n ANSWER – My motivation stems from a sense of duty<\/strong> and a proactive desire to help.<\/p>\n
\nThe interview with the Vatican Cyber Volunteers<\/h2>\n
The Vatican hackers: all volunteers<\/h2>\n
![\"hacker](\"https:\/\/www.uccronline.it\/eng\/wp-content\/uploads\/2025\/10\/Vatican-Cyber-Volunteers.webp\")
<\/p>\nWhat Attacks Does the Vatican Face<\/h2>\n
Why Defend the Vatican for Free?<\/h2>\n