Overnight Cybersecurity: DNC hackers also targeted French presidential candidate | Ex-acting AG Yates to testify at Senate Russia hearing

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We’re here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you’re a consumer, a techie or a D.C. lifer, we’re here to give you …

THE BIG STORY:

DNC HACKERS TARGETING FRENCH ELECTIONS: The hackers behind the Democratic National Committee (DNC) email breach appear to have made similar attacks against Emmanuel Macron, a French candidate for president, as well as groups associated with German political parties, according to a new report. The security firm Trend Micro reports that the hacking groups known as Fancy Bear, APT 28 and Pawn Storm attacked the French and German targets using phishing schemes similar to the one that caught the DNC. U.S. intelligence, as well as the bulk of experts, believe Fancy Bear is a Russian espionage operation. Macron, a centrist, is facing right-wing nationalist Marine Le Pen in a contentious French presidential race already compared to the U.S. race of 2016. Le Pen, a pro-President Trump, anti-NATO candidate who has backed Russia’s annexation of Crimea, met with Russian President Vladimir Putin last month during a trip to Moscow. The Macron attack is one of three new attacks outlined in the report, released early Tuesday. Fancy Bear, reports Trend Micro, also attacked the German political group Konrad Adenauer Stiftung, associated with Angela Merkel’s political party, the Christian Democratic Union, and Friedrich Ebert Stiftung, associated with the Social Democratic Party. Like France, Germany has federal elections in 2017. Fancy Bear is known to use phishing attacks as an entry point for sophisticated malware exclusive to the group, known as X-Agent. It is one of a few ways the group can be tracked — Fancy Bear routs attacks through servers around the world that the organization reuses. According to the Trend Micro report, those servers have stayed active over the past three years an average of six months apiece, with 10 lasting for more than a year. That is a long lifespan for these types of servers, which Trend Micro believes is emblematic of a unique characteristic of Fancy Bear: It does not mind being caught.

To read the rest of our piece, click here.

AN UPDATE ON ALL THE PROBES:

SALLY YATES’ FIRST APPEARANCE WON’T BE IN FRONT OF EITHER INTELLIGENCE COMMITTEE: Former acting Attorney General Sally Yates will testify in May during a hearing regarding Russian interference in the U.S. presidential election. But it won’t be for either chamber’s intelligence committee, both of which were supposed to be the flagship investigations of their branch of Congress.

{mosads}Yates will instead testify on May 8 before a Senate Judiciary subcommittee.

President Trump fired Yates earlier this year for refusing to defend in court his original executive order restricting entry to the U.S. for refugees and people from certain Muslim-majority countries.

Earlier this month, the House Intelligence Committee asked several Obama administration officials, including Yates, to testify publicly in the panel’s probe into Russian interference in the election.

Former CIA Director John Brennan and former Director of National Intelligence James Clapper were also invited to testify with Yates.

To read the rest of our piece, click here.

SCHUMER UPSET WITH SENATE PROBE PACE: Senate Minority Leader Charles Schumer (D-N.Y.) wants the Senate Intelligence Committee to speed up its probe of Russia’s meddling in the 2016 White House race expressing frustration about the pace of the investigation.

“The last few weeks things have moved very, very slowly under Chairman [Richard] Burr’s [R-N.C.] leadership, and I’m a little troubled about it,” Schumer told reporters on Tuesday.  

Schumer added that he has a “great deal of confidence” in Sen. Mark Warner (D-Va.), the top Democrat on the committee.

“I give Sen. Warner some time and credence to try to work those things out, but things have moved too slowly for my taste and, I think, a lot of members of the committee’s taste,” he added.

The Intelligence Committee’s investigation, which also includes possible contacts between President Trump’s campaign and Moscow, has come under fire amid reports that the probe is moving slowly and understaffed.

Sources told Yahoo News that the investigation is being undercut by “partisan divisions.”

Separately, The Daily Beast reported on Monday that there are no full-time staffers assigned to the investigation, which involves sorting through thousands of pages of documents.

But some Republican senators on the panel are defending the probe.

“Reports about #Russia probe are wrong. Don’t confuse silence for lack of progress. Intel Cmte must conduct classified investigations quietly,” Sen. James Lankford (R-Okla.) said on Twitter.

To read the rest of our piece, click here.

WHITE HOUSE DECLINES OVERSIGHT REQUESTS FOR DOCUMENTS:

The Trump administration has denied a request from the House Oversight Committee for more information on payments that former national security adviser Michael Flynn received from foreign governments, including from the Kremlin-backed television station RT and other Russian firms.

Legislative affairs director Marc Short said the committee is requesting documents that are not in possession of the White House because they involved Flynn’s activity prior to President Trump’s Jan. 20 inauguration. Other documents sought by the committee, from after Jan. 20, involve sensitive information, he said.

“It is unclear how such documents would be relevant to the stated purpose of the committee’s review, which according to your letter is to examine Lt. Gen. Flynn’s disclosure of payments related to activities that occurred in 2015 and 2016, prior to his service in the White House,” Short wrote in a letter dated April 19 that was sent to committee leaders.

In March, the committee sent a letter to the White House, the Defense Department and several other administration heads asking for a range of records related to the payments received by Flynn, who also worked on Trump’s campaign and the presidential transition.

To read the rest of our piece, click here.

LAWMAKERS SAY FLYNN MAY HAVE BROKEN THE LAW: The top lawmakers on the House Oversight Committee also said that Michael Flynn may have broken the law by taking money from Russia and Turkey without permission.

“As a former military officer, you simply cannot take money from Russia, Turkey or anybody else,” Chairman Jason Chaffetz (R-Utah) told reporters Tuesday. “It appears as if he did take that money, it was inappropriate — and there are repercussions for the violation of law.”

To read more on that, click here.

WHITE HOUSE CALLS DOC REQUEST ‘OUTLANDISH’: The White House, though, hit back. White House press secretary Sean Spicer on Tuesday said the House Oversight Committee’s request for documents on former national security adviser Michael Flynn is “pretty outlandish,” defending the White House’s denial of the request.

“They listed for every call and contact that he made, which is an extraordinary number,” Spicer said at Tuesday’s briefing. “That’s a very unwieldy request.”

“To say we want the national security adviser, whose job it is to talk with foreign counterparts on a daily basis, to document every call he may or may not have made is not exactly a request that’s able to be filled.”

To read more on that, click here.

A LIGHTER CLICK: 

WOULD EXPLAIN A LOT, ACTUALLY: Antivirus software labels Windows as malware, Facebook as a phishing site.

A REPORT IN FOCUS:

A cellphone app allowing Hyundai owners to remote start Hyundai cars had a one-two punch of security flaws that could allow hackers to steal user information.

From December until March, claims the cybersecurity firm Rapid 7, Inc., Hyundai’s official Blue Link app may have allowed attackers to steal user information, including home addresses and vehicle identification numbers under certain conditions.

The app transferred data over an HTTP connection – what’s known as a cleartext transfer protocol, meaning the connection does not encrypt the data on its own. Instead, Hyundai used its own encryption. 

But Hyundai’s encryption used the same key each time, meaning it could be intercepted and changed by anyone. HTTPS connections, an alternative to HTTP connections, use a different key each time.

This problem has been patched for users with updated versions of the app.

Until the fix, Blue Link would send identifiable information about its user and their car to the Hyundai servers whenever it made contact.

“I don’t think there is any reason a developer might send data under clear text anymore under any circumstances,” said Tod Beardsley, director of research at Rapid 7, the firm that made the discovery.

Beardsley suggests that Google and Apple could potentially check to make sure that apps didn’t use cleartext.

WHAT’S IN THE SPOTLIGHT:

ASHLEY MAD-AGAIN: Extortionists are charging one-time members of Ashley Madison, a dating site for those seeking an affair, not to publish their personal information online.

Former users are being asked for around $500 in bitcoin to prevent the still unnamed blackmailers from posting information apparently culled from the widely publicized 2015 hack of Ashley Madison.

The blackmailers have set a September dealine for victims to send money before launching a “Cheaters Gallery” website.

A reporter for ZDNet says that the blackmailers quoted from his Ashley Madison profile in the emailed ransom note (“Give them points for the human touch,” he wrote).

Paying the ransom in no way guarantees personal information won’t appear online. Different attackers might purchase the same list, starting the process over again or even zeroing in on those willing to pay and extort them for more.

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

A Department of Commerce tech standards official is eying automotive hacking. (The Hill)

Wikipedia’s founder is going to solve fake news. (Wikitribune)

Well, maybe it’s Google that’s going to solve fake news: (The Guardian)

Apparently, consumers think artificial intelligence will solve everything else. (The Hill)

In the Spanish dub of the movie, how does the Terminator say “Hasta La Vista, Baby?” (Boing Boing)

How to disappear completely in an age of modern surveillance. (NextGov)

If you’d like to receive our newsletter in your inbox, please sign up here.

This story was updated on April 27 at 10:45 a.m.