"From the analyzes and activities that are still in progress, it is confirmed that an extraordinary number of accesses to Vatican websites have been detected, if compared to normal activity," acknowledged Matteo Bruni, speaker early Thursday afternoon. of the Holy See, some 24 hours after the attack by unknown cybercriminals against the Internet structure of the Vatican began. "From time to time, services are usable, no matter how slow the speed and temporary interruptions," he said. In any case, the Vatican points out that "no one has defined it as an attack." For now they prefer to describe it as "anomalous movement", with access attempts that "do not come from a single country". And they assure that the attempts "have been limited, so to speak, to the door of the house." In other words, no intruder has entered the Vatican City State network. The delicate situation was verified this Wednesday early in the afternoon, when web pages located on Vatican servers began to fall. Little by little, they were recovering, although 24 hours later the operability was still compromised. Since no group has claimed the possible attack, it is presumed that it is not over yet. Although throughout Thursday, the main Vatican websites have returned to work, it is still unstable and many of its secondary websites are blocked. The block could be the work of computer hackers, or, more likely, the defense strategy of Vatican computer scientists, who have interrupted access to their own website to prevent hackers from taking control. The "anomalies" in the Vatican Internet servers that began days after the Pope will refer to the "cruelties" committed by the army of the Russian Federation on Ukrainian territory. "When I talk about (the war in) Ukraine, I talk about cruelty because I have a lot of information about the cruelty of the troops that are coming," Francis explained in response to a question from America Magazine. “Generally the cruelest are perhaps the peoples who are from Russia, but are not from the Russian tradition, like the Chechens, the Buryats, etc. obviously the one who invades is the Russian state, that is very clear”, he added. The comment, described as racist, provoked the official protest of the Moscow ambassador to the Vatican. Added to the chorus of criticism this Thursday was Russian Foreign Minister Sergei Lavrov, who said that the Pope has made "non-Christian qualifications." The Minister assured that "the Vatican has said that it will not be repeated and that there has probably been a misunderstanding, but this does not help to comment on the authority of the Papal State." It is not the first computer attack that repels the Holy See. In 2012, the attack against "Anonymous" was attributed, and in July 2020, another attack by hackers, who allegedly sought to report on the situation of the Catholic Church in Hong Kong. In which case, Beijing denied it. Bots In statements to ABC, Hugo Álvarez, Territory Manager Iberia of the Israeli cybersecurity company "Perception Point", opined that it is most likely now a "distributor denial of service (DDoS) attack." “This type of cyberattack attempted to make a website available by crashing it with malicious traffic. It is a kind of traffic jam caused by the attack with bots and automatic systems that block the normal functioning of a web page”, he explained. He assures that "normally the service is restored in a few hours, so it is not usually as harmful as malware or other types of attacks." “The normal thing is that the web pages have been blocked and collapsed by the attack itself. However, self-blocking is a typical remediation measure when this type of attack is being affected, so we cannot rule out that this was the case”, he assures. Miguel López, General Director of Barracuda Networks, another cybersecurity company, agreed with the diagnosis, (“it would fit with the data we have”) but warned that “these attacks can be used to mask other more surreptitious ones aimed at stealing information and/or injecting malicious code in the service (web page in this case) attacked”. The Vatican has not reported whether they themselves have blocked their pages, or whether the block is the result of the attack. “If it is a type of attack but “surgical” and directed, one way for older males to react and avoid it could be to close or drop the web to block the attack vector or even to exfiltrate the data they could be using. the attackers”, explained Miguel López. MORE INFORMATION noticia No The Russian Embassy in the Vatican protests the Pope's words about the Chechens noticia No The Kremlin, in favor of Vatican mediation in the conflict in Ukraine noticia No The Pope, about the protests in Iran: "A society that cancels women out of public life, impoverishes itself" adding that with the little data we have, "it could also be a ransomware attack (encryption and blocking of the data to demand a ransom for it) or even a Wiper (deletion of the data making it inaccessible and preventing the operation of the affected service) that would have spread through the farm of web servers forcing them to be turned off to avoid their dispersion”.
