Pakistan Tehreek-e-Insaf, through a high ranking party member, has alleged the government of Pakistan for monitoring its emails that are hosted with Google using Google Apps, an email service offered by Google for businesses.
Dr. Awab Alvi, a senior member of PTI’s social media team, in a blogpost today, alleged the government (establishment division) for monitoring Pakistan’s cyber space to track political activities. Dr. Alvi’s allegations are based upon a message appearing in PTI’s email boxes that reads as following:
WARNING: We Believe State-Sponsored Attackers may be attempting to compromise your account or computer
Clicking on warning message takes users to a new URL where Google explains the methods of safeguarding email accounts.
Awab Alvi confirmed that all PTI members are getting this hack-warnings despite 2-step verification, a process through which access to Google accounts is granted to authorized users after verification through SMS or phone call.
Google started warning its email users, largely to those residing in China, of such state-sponsored attacks in June this year. Google, on its official blog, had said:
We are constantly on the lookout for malicious activity on our systems, in particular attempts by third parties to log into users’ accounts unauthorized. When we have specific intelligence—either directly from users or from our own monitoring efforts—we show clear warning signs and put in place extra roadblocks to thwart these bad actors. We believe may be the target of state-sponsored attacks.
You might ask how we know this activity is state-sponsored. We can’t go into the details without giving away information that would be helpful to these bad actors, but our detailed analysis—as well as victim reports—strongly suggest the involvement of states or groups that are state-sponsored.
Internet experts had then criticized Google for not fully explaining the threat types and the way Google detects it. They questioned Google for troubling users without communicating a clear and complete message, especially when Eric Grosse, VP of security engineering, said that the alert doesn’t mean there has been an attack—just “that we believe you may be a target.”
Two security experts from Pakistan termed these allegations by PTI meaningless. They didn’t rule out the possibility of getting email accounts compromised (through state owned filters and monitors) but said it is very less likely for Pakistanis government, which is notorious for having very limited technological knowledge, to be able to decrypt Google emails.
It merits mentioning here that all Google emails use encryption to securely transport messages over internet. Reading these emails messages for a third-party (other than Google) requires decryption which is usually impossible. Having said this, it must be noted that decryption of any message is possible, which may require plentiful of efforts and skills.