“The infections are difficult to detect, since network connections between service providers and their customers aren’t suspicious,” the BfV said. “This gives the attacker an even better disguise than before.”
Deja Vu: PwC UK, BAE Share Similar Reports
Major MSPs and IT consulting firms have tracked the alleged attacks for quite some time. For instance, a hacker group called APT10, likely backed by China, has compromised and infiltrated MSP networks to access end-customer systems since at least 2016, according to a 25-page PwC UK and BAE Systems report.
The hacks, collectively dubbed Operation Cloud Hopper, may date back to 2014 or so, the report suggests. In response, SolarWinds MSP in April 2017 published five recommendations to help MSPs combat the cyber threat.