Cyber Incident Victim: Holy See

On November 30, 2022, multiple Vatican websites including the primary domain vatican.va experienced extended outages following unusual access attempts, prompting technical investigations by Vatican authorities. The incident began during the afternoon when several official sites became inaccessible to users for several hours. By evening, vatican.va remained offline, indicating sustained disruption. Vatican spokesperson Matteo Bruni publicly acknowledged the incident, confirming abnormal traffic patterns but refraining from immediate attribution. The outage coincided with heightened geopolitical tensions following Pope Francis’s November 28 interview, where he suggested non-ethnic Russian combatants—specifically naming Chechens and Buryats—were responsible for particular brutality in Russia’s invasion of Ukraine.

Ukrainian Ambassador to the Holy See Andrij Jurasch directly attributed the cyberattack to “Russian terrorists,” asserting it represented retaliation for the Pope’s statements. Jurasch framed the incident on Twitter as emblematic of Russian political aggression, linking it to Moscow’s earlier diplomatic protests against the Pontiff’s remarks. Russian officials had condemned the Pope’s characterization of minority involvement in the war as “outrageous” prior to the cyber incident. The attack’s operational impact was confined to website unavailability, with no reported data breaches or secondary system compromises. No ransomware claims or hacktivist statements emerged. Vatican technical teams worked to restore services without disclosing mitigation specifics, while the incident amplified public scrutiny of cyber operations amid the Ukraine conflict’s information warfare landscape.