When a man climbed on the main altar at St. Peter’s Basilica on Friday and threw down six candlesticks and an altar cloth, it was the the latest of a series of recent security issues at the Vatican.

In fact, the security team which stopped him may have already had some practice at that altar — In June 2023, another man also stood up over the basilica’s main altar — called formally the Altar of the Confession — completely naked, to protest the Russian invasion of Ukraine.

And in the same month, a man forced his way through the Porto Sant’Anna in a car, and the Vatican had been the target of numerous cyberattacks in recent years.

The recurring security breaches have led Vatican-watchers to ask if the Vatican is addressing its mounting security issues, or whether it is vulnerable to even more serious attacks.

Leave a comment

—
According to various Feb. 7 videos taken by onlookers, the man, identified by local media as a 40-year-old Romanian citizen, walked up to the Altar of the Confession and threw six candelabra and then the altar cloth to the floor before being stopped.

The Altar of the Confession sits prominently above the tomb of St. Peter and under Bernini’s recently restored baldacchino, one of the most recognizable artistic decorations in the basilica.

“This is an episode of a person with a serious mental disability, who has been detained by the Vatican Police and then placed at the disposal of the Italian authorities,” according to Holy See Press Office director Matteo Bruni.

Charges were pressed against the man for the damages caused and he was subsequently released, according to local media.

A similar incident occurred on June 1, 2023, when a man climbed up on the Altar of the Confession and fully undressed to reveal a message protesting the Russian invasion of Ukraine.

Cardinal Mauro Gambetti, archpriest of St. Peter’s Basilica, presided over a penitential rite at the altar following its desecration.

And just two weeks before that, in May 2023, a man drove through the police roadblock at Porta Sant’Anna, forcing his way past the two control gates.

A police officer shot the tires of the car trying to stop it, but the man made his way to the Courtyard of San Damaso, where he stopped the car and was placed under arrest by the police.

More recently, in April 2024 Vatican police arrested a man on New York’s “most wanted” list with three knives before a papal audience, and in May 2024 it detained a 59-year-old Czech priest with an air gun, two knives, and a box cutter in his bag before the Sunday’s Angelus address.

The Holy See has also been affected by a number of cyber attacks.

Most of the Vatican’s website crashed Nov. 19, 2024 and remained unavailable for several days in some parts of the world.

While the Vatican never confirmed the origin of the issue, Vatican spokesman Matteo Bruni gave indication over the weekend that Vatican officials themselves suspected an attack on their web servers.

Bruni said that there was an “abnormal number of interactions” on the servers, which, in combination with the countermeasures used, led to the current issues on the servers.

In 2015, the personal data of Vatican radio journalists and the Vatican’s website was hacked twice by hacking group Anonymous.

In 2018, both the Vatican and the Diocese of Hong Kong were affected by supposedly Chinese regime-backed hackers RedDelta ahead of talks to renew a provisional agreement on episcopal appointments.

In 2022, the Vatican’s website went down a day after the pope criticized Russia’s invasion of Ukraine.

After the November 2024 alleged attack, a cybersecurity expert showed The Pillar an analysis of the critical servers of the Vatican which were flagged as insecure, and said the DNS (Domain Name System) was exposed.

According to various cybersecurity experts contacted by The Pillar at the moment, the Vatican’s servers did not have any intermediaries to protect its DNS, making an attack way simpler, despite many warnings from independent cybersecurity organizations.

—
It is well known that the Vatican curia is facing a cash crunch, and looking to cut corners where it can.

And the Apostolic See’s approach to cybersecurity makes clear that upgraded security measures may be seen as financially out of reach, or of relatively low priority.

But if globally visible security breaches become even more normalized in years to come, the Vatican City State will have little room to say it wasn’t warned.