Skip to content

article by Neal Smyth, Head of Backup and DR

Update on the Recent Veeam Vulnerability:

How Ekco Led a Swift and Comprehensive Response

Recently, a major vulnerability highlighted in Veeam Backup & Replication software was identified, causing widespread concern across the industry. This security flaw, if left unpatched, would allow malicious actors to exploit systems and access sensitive data posing a significant risk for anyone relying on strong data protection and recovery measures.

Ekco’s Rapid Response Required Significant Effort in Remediation

The moment news of the Veeam vulnerability broke, Ekco mobilised a team of BDR Specialists and Platform Engineers. Over the course of just a few days, we invested more than 250+ hours in remediation efforts, including patching, communications, and risk assessments. Our primary objective was to patch all the core multi-tenant systems and our managed client infrastructures within the week.

We prioritised internet-exposed assets, conducting a thorough assessment and triage to ensure that systems most at risk were addressed first. The dedication of our team allowed us to move swiftly, ensuring that all vulnerable systems under our management were secured without delay.

Beyond our managed clients, Ekco also took proactive steps to engage with non-managed customers. We urged them to upgrade their remote instances or on-premises systems to the latest supported versions of Veeam, offering guidance and support where necessary. This ensured that even those outside our direct management could benefit from the protection they needed.

Challenges and Lessons Learnt

While the speed and comprehensiveness of our response was critical in minimising risk, it was not without challenge. Given the urgency of the situation, not every customer received communications as promptly as we would have liked. Additionally, some clients experienced post-upgrade issues that required further management and attention. In some instances, particularly those involving multi-tenant infrastructure, additional patch remediation from Veeam was required to fully secure systems.

This experience has provided invaluable lessons, not only in how we respond in critical situations, but also in the importance of refining our internal processes. We have taken this opportunity to review our communication strategies, ensuring future responses will be better aligned to client needs and timelines. Our aim is to improve the delivery of timely and transparent updates, so that clients are more informed throughout every step of the process.

Looking ahead, we recognise the need for a long-term review of our architecture. This will include exploring with our partners enhancement to multi-tenant infrastructures, improving patch management across all client systems, and integrating more robust security measures to help with mitigating controls on future vulnerabilities. By refining our architecture and strengthening our operational processes, we will continue to enhance the protection and performance of the services we deliver.

Throughout this entire process, the security of our clients and the criticality of the services we provide have always been at the forefront of our approach. Our dedicated team worked tirelessly to resolve any issues that arose, while maintaining the highest levels of protection and service continuity.

Still Exposed?

Take Action Now 

Ekco has all its core systems and its managed client base patched. If you’re uncertain about the security of your own systems, we strongly recommend checking and upgrading your Veeam instance to the latest version, as advised by Veeam here.

Ekco is pleased to announce the available capability to detect this vulnerability and its inclusion as part of the detection capability within our service via our partner watchTowr. This tool allows you to quickly and easily check whether your systems are secure, including ensuring that your backup and disaster recovery environments remain safeguarded.? watchTowr has a detailed technical blog on this, which is available here.

Our partnership with watchTowr allows us to offer our clients access to powerful detection tools that help identify weaknesses in an organisation’s cyber security posture, including Veeam backup and disaster recovery environments. Whether you’re a managed service client or a business seeking a one-off security check, Ekco can help you:

  • Detect vulnerabilities early: Using the latest in threat detection technology, we can pinpoint exposures in your infrastructure before they are exploited, reducing downtime and potential data breaches.
  • Custom risk assessments: Our team of experts provides tailored risk assessments, highlighting areas of concern and recommending actions to strengthen your security posture.
  • Real-time monitoring and alerting: We offer 24/7 monitoring, ensuring that any anomalies or vulnerabilities are addressed immediately, keeping your business running smoothly.
  • Expert guidance and support: Ekco’s experienced engineers are available to guide you through remediation, helping you apply patches, secure your systems, and prevent future vulnerabilities.

In a world where cyber threats are constant, Ekco is committed to helping organisations protect their critical systems and data. Whether you’re an existing client or a new customer looking for robust security solutions, we are here to help.

If you need advice, support, or simply want peace of mind regarding your current protection status, get in touch with our team today.

Get in touch

5 backup best practices for ransomware

  • Article
  • Blog
  • May 4, 2022

Backup best practices for ransomware, so that you can protect yourself against advanced attacks that target your on-prem and cloud…

Read more

Ekco Swiftly Secures Veeam Vulnerabilities

  • Article
  • Backup
  • September 19, 2024

Discover how Ekco secured backup & DR environments through extensive remediation efforts and proactive measures post a critical Veeam CVE…

Read more

Question?
Our specialists have the answer

Talk to us