But China and the Vatican are expected to begin sensitive negotiations in September to a renew a secret deal over control of the Catholic Church in China. Chinese leaders may have been looking for an advantage — inside knowledge on how the Holy See planned to approach the bargaining table, according to a report released Tuesday by Recorded Future, a threat intelligence firm.
Targeting the Vatican, the report continued, was part of China’s ongoing plan to seize control of the country’s underground Catholic church, whose leaders are not approved by the state-run China Patriotic Association.
The status of those churches and questions about who has the power to name bishops are at the crux of the negotiations between China and the Vatican. China also is keeping a close eye on the church’s stance on pro-democracy protests in Hong Kong, according to the report.
China is cracking down on religious groups
The revelations of China’s suspecting hacking come as the country has been accused of rampant human rights abuses against religious minorities, including Muslim Uighurs, Tibetan Buddhists and Christians.
“State-sponsored repression against all religions continues to intensify,” Secretary of State Mike Pompeo said in June, when the State Department released its report on the state of religious freedom in countries across the world.
“The mass detentions of Uighurs in Xinjiang continues. So does the repression of Tibetans and Buddhists and Falun Gong and Christians,” Pompeo said.
How sleuths noticed the suspected hackers
A research group within Recorded Future keeps a close eye on “threat actors” online, including state-sponsored hackers in China, said an analyst with the company. The analyst asked not to be named because of the sensitivity of the accusations.
“This kind of behavior by China is common and has been over the last couple of years,” the analyst said.
“It is currently unclear whether the actors created the document themselves, or whether it is a legitimate document they were able to obtain and weaponize,” the report said.
Another suspected hack bore the malware marks of RedDelta, a a Chinese-state sponsored “threat activity group,” according to the report.
The Recorded Future analyst said the Vatican was told about the hacking, which began in May, according to the report.