
Ezboard Inc. Victim Of Vicious Internet Attack

This topic is archived.
seemslikeadream Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 07:44 AM
Original message
Ezboard Inc. Victim Of Vicious Internet Attack
Edited on Fri Jun-03-05 07:48 AM by seemslikeadream
Ezboard systems touted as the "largest online community network site on the planet", was virtually brought to its knees Tuesday as the result of "a very precise and malicious internet attack resulting in the loss of a significant amount of current and historical board postings and interrupted services across all systems", according to Ezboards' CEO, Robert Labatt's message to Ezboard members.

Tuesday's attack caused denial of service errors throughout the system and affected millions of users across approximately 9,000 message boards. The attack resulted in massive data loss, both current and historical, from message boards within the system. Many Boards also lost accumulated monetary funds stored within their communities that are used toward Board subscription services.

Labatt is ensuring Ezboards members that their personal information including credit card info remains safe and was not touched during the attack.

Most message boards were accessible within several hours of the initial attack yesterday and Board owners are currently assessing the amount of data loss in their communities. Ezboards is warning their members that although they will do their best in restoring lost data, complete data restoration may not be possible. Repairs will be underway for the next week to 10 days.

more
http://www.halifaxlive.com/artman/publish/ezboard_010605_7762.shtml

NOW Do You Feel Secure on the Internet?
by Mark Faulk
Two weeks ago, The Faulking Truth subscribed to a message board, www.ezboard.com with the promise of better and more features, more posting capabilities, and a bunch of stuff our little website couldn't offer. There have been some problems with the message board from the start, slow loading, etc., and it went down for a day last week, but overall, it seemed like a good move.

Then, yesterday, the entire EZBoard system was attacked by hackers, who have systematically deleted every post on our board (and hundreds of others as well, apparently), beginning with the two forums that deal with the Stockgate scandal. Although they knew about the hackers yesterday morning, the system corruption is ongoing, and the rest of our forums disappeared sometime during the night. Is it a coincidence that the first of our forums to "disappear" were the ones dealing with the most volatile issue that we cover, the ongoing stock market scandal? I have no idea, but I have forwarded that information to the legal department at the EZBoard company. I'll let everyone know what they find out.

Here's my question for everyone: If hackers can so easily subvert an entire system as large as EZBoard, the self-described "largest online community network site on the planet", with over 9,000 forums, and apparently delete an entire system with the click of a mouse, what does that tell us about how secure all of our internet systems are? If it's this easy to hack into their system and corrupt the entire program, how secure do you feel about the millions of websites that ask for your credit card numbers every day? Do you still believe that our electronic voting system is foolproof? Do you think that the trading of billions and billions of stock market shares over the internet every day is a secure, fair system? How about your bank account and other sensitive personal information that is stored on the internet? Do YOU feel secure on the internet?

As for EZBoard, they've "assured" customers that no personal or credit card information was illegally accessed or stolen, but then, many of their message boards have had their accounts where their subscribers donate money hacked into and deleted. As for me, I'll be taking an extra long look at my credit card bills over the next few months, and I'd suggest that everyone else do the same.....just in case.
more
http://www.faulkingtruth.com/Articles/BlogFest/1041.html


Update: 6/1/05 19:11

Dear ezboard Family,

By now I am sure that you are quite aware that ezboard's systems were severely attacked early on Tuesday morning. Since that time, we have been focused on getting boards running properly and restoring data. We have restored a significant number of boards and we are continuing to restore boards and system functionality as quickly as possible. I want to bring you up to speed on what we know, what we are doing and what happens next:

Here is what we know:

1/ The attacker erased all historical post data on all boards and a significant amount of back-up data - the reason we have been able to restore some boards at this time is that we have back up data from the May 9th incremental back-up (we perform back-ups every day, but the attacker deleted many of them). As a result, some board data will be restored, with entries between May 9th and the attack missing. We *may* be able to restore this more recent data from data that we can retrieve from RAM on the servers. The probability of this being successful is not known right now.
2/ Personal and credit card information was not compromised - ezboard does not have CC information on file,
3/ User data, ezSupporter and board configuration data was not compromised,
4/ We have restored data to many boards at this point,
5/ We have additional back-up data for approximately 8,000 boards and will be able to restore over half of all Gold Boards,
6/ We have information on the attacker and are building a case,
7/ New security measures have been put into place to reduce the potential for future attacks,
8/ Your Community Chest and board expiry data was in separate systems and will be restored soon,
9/ Trial boards that were moved off of p097 before the attack will likely be OK. Boards that were created on p097 may not be available.

What we are doing:

1/ Repairing systems to allow posting on all boards,
2/ Restoring data where possible,
3/ Actions have been taken to close the method the attacker used to gain access to the systems.

Next Steps:

We want to be sure that your concerns are addressed as directly as possible. In addition to the above information, we ask you to read the Important Announcements and New Server Status forums frequently for updates. Please read these announcements prior to posting your questions in a forum. Because of the scope of the communities that were affected by this attack, it will not be possible to give individualized responses to every user, every poster, or every help ticket. Keep in mind that we do read your questions and will certainly combine frequent questions and themes into broadcast messages like this one.

I would like to thank the ezboard operations staff who have been on the job since Tuesday at 5AM and continue to work hard restoring boards and modifying systems to reduce the threat of future attacks. While you may not be aware of their commitment, please believe me that they are working non-stop for you.

In addition to the hard work that these folks are doing, other members of our team are working hard on the next version of your community experience. An experience that will be vastly improved using the knowledge gained from the last five years of ezboard community and the exciting new developments in online interaction happening now.

Thank you for your patience. We will be keeping you updated every day until this is resolved. At this point you should expect to see an update at Noon Pacific time each day.

------


CIA Overseeing Three-Day War Game to Mimic Response to Crippling Internet Attack

By Ted Bridis The Associated Press
Published: May 25, 2005

WASHINGTON - The CIA is conducting a war game this week to simulate an unprecedented, Sept. 11-like electronic assault against the United States.
The three-day exercise, known as "Silent Horizon," is meant to test the ability of government and industry to respond to escalating Internet disruptions over many months, according to participants. They spoke on condition of anonymity because the CIA asked them not to disclose details of the sensitive exercise taking place in Charlottesville, Va., about two hours southwest of Washington.

The simulated attacks were carried out five years in the future by a fictional new alliance of anti-American organizations that included anti-globalization hackers. The most serious damage was expected to be inflicted in the closing hours of the war game Thursday.
more
http://ap.tbo.com/ap/breaking/MGBN0XW469E.html
sinkingfeeling Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 07:50 AM
Response to Original message
1. It's awful...I'm a member on a couple of boards, including the
canine diabetes and Cushings' boards. They are both important sources of support for people, giving medical and care instructions. We have been basically shut down since Tuesday.
 
seemslikeadream Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 07:53 AM
Response to Reply #1
3. Have you heard if you'll get your information back?
or is it lost forever?
 
notadmblnd Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 07:52 AM
Response to Original message
2. One word
backups. I find it hard to believe that these INTERNET companies do not run backups. I worked 28 years in IT and not a day went by that all 1400+ servers were not backed up. If a site is run properly, there is absolutely no reason in hell to permanently lose all data.
 
seemslikeadream Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 07:53 AM
Response to Reply #2
5. They did have back-ups
they were hacked also
 
notadmblnd Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 07:58 AM
Response to Reply #5
8. Then in the future, they might want to backup to tape
look what I saw on another thread here, CIA is messing around the internet War Games is what they're calling it. Coincidence?

http://ap.tbo.com/ap/breaking/MGBN0XW469E.html
 
Kellanved Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 07:53 AM
Response to Original message
4. Which is why one shouldn't trust forum hosting companies
Edited on Fri Jun-03-05 07:53 AM by Kellanved
If you can't backup your own forum, what use is it?

I mean backups destroyed by the hackers? I'd love to see these amateurs' definition of "backup".

A real self-administrated board is cheaper and far better; I don't see why ezBoard has a single customer left. It obviously isn't their security either.



Seems to be more like lounge stuff.
 
seemslikeadream Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 07:55 AM
Response to Reply #4
7. denial of service errors
denial of service errors throughout the system and affected millions of users across approximately 9,000 message boards


is lounge stuff?
 
Kellanved Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 08:01 AM
Response to Reply #7
10. Well,
"Lounge stuff" wasn't intended to degrade the severity of the issue. It is just that it isn't a political issue and that the IT crowd tends to hang out in the Lounge.

And the "backups deleted by hackers" part is really hilarious.
 
seemslikeadream Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 08:03 AM
Response to Reply #10
11. Not a political issue?
So are you telling me that only political issues can be LBN?
 
Kellanved Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 08:08 AM
Response to Reply #11
14. whatever: but it might be worthwhile to use the Google cache.
The majority of the lost boards will still be in there; save them to disk as long as you still can.
 
notadmblnd Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 08:28 AM
Response to Reply #11
20. this site should have most of your lost data
 
drm604 Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 08:04 AM
Response to Reply #4
12. "backups destroyed by the hackers?"
That caught my attention also? :shrug: WTF?
Maybe they consider RAID to be a "backup". :eyes:
 
notadmblnd Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 08:14 AM
Response to Reply #12
16. mirroring or striping disk volumes is not a backup
double backups to tape or one back up to server and another set to tape is the only way to ensure recovery of potential lost data. Obviously this hosting company is cheap, green or both. There's not a corporation in the world that doesn't plan for disaster recovery.
 
Nihil Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 08:18 AM
Response to Reply #16
17. Yeah, right ....
> There's not a corporation in the world that doesn't plan for disaster
> recovery.

No, but there's sh*tloads that haven't tested their plans ...
 
notadmblnd Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 08:25 AM
Response to Reply #17
19. all I can say is that we had one of our clients back up and
running on 9/12 at 3:00 a.m. just hours after World Trade #7 collapsed. Their DRA plan was in place and worked without missing a beat.
 
Nihil Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 09:18 AM
Response to Reply #19
21. Precisely what I said
If you have a plan that has been tested in advance, you have a genuine
disaster recovery strategy. If you don't, you have a worthless POS.

I have worked with several customers who were pleased to show me their
nice Word, Powerpoint and Visio documents but who stopped with an
embarrassed silence when asked when it was last tested. I have also
had to work on data recovery when customers have found out the hard
way that their plan could be summed up as "Oops".

I wasn't denying that it *can* be straightforward & viable, just that
it *is* straightforward & viable.

Congratulations ... sounds like EzBoard Inc would have benefitted from
your competence.
 
Massacure Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 04:25 PM
Response to Reply #16
30. EZBoard has been around for a while.
I hated their boards. It doesn't surprise me that this happened to them.
 
hyphenate Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 07:54 AM
Response to Original message
6. Yeah, tell me about it
One of my boards has completely disappeared, another lost loads of posts, another no longer has funds, and a shitload of others are in various states of disarray.

I love EZBoard, but truth is, when someone invents a better system, there are many of us who will smile and wave goodbye at EZ on our way out the door.

The problem with many systems, like phpBB, Ikonboard, UBB, is that you need a host for your board, or the other problem is that you might get a board for free someplace like Yahoo, but there is only minimal customization allowed. At least with EZBoard, currently the #1 board site, there is limitless customization, the cost isn't that high, and your board can take up as much space as necessary. You can't beat that.....yet.

As soon as the dust settles, we can evaluate how much actually got lost, as the last intact backup is a month old.
 
Minstrel Boy Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 07:59 AM
Response to Original message
9. "Silent Horizon"
:scared:

Thanks. Scary what ya get when ya start adding things up.
 
sendero Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 08:08 AM
Response to Original message
13. I wonder....
... Ezboard should have server logs with the IPs of the hackers.

It is way past time for some of these sorry-assed vandals to spend a few years in don't-bend-over prison.

I really hope they are trying to find and prosecute the douchebags who did this.
 
Kellanved Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 08:20 AM
Response to Reply #13
18. IPs are relatively easy to hide
And more importantly: the competition in the field is harsh. It is not exactly an "honorable" field of business; forum hosts are running a pyramid scheme:
it is cheap and easy to start a forum, but it really gets expensive after a while. The catch is: it is not (not without a good piece of work) possible to download the posts and userdata.
Now, nobody wants to lose the users and posts; hence moving to a cheaper solution - be it self-hosted or the competition - is impossible.

 
MadisonProgressive Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 08:10 AM
Response to Original message
15. This has been a test of the Bushco Internet suppression program
This is ONLY a test. If this were a real Bushco internet shutdown, you would not have heard about it. There would only be a 404 message.
 
ReadTomPaine Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 09:44 AM
Response to Original message
22. These are the fruits of IT staff cuts, no doubt.
This is what happens when you cut an IT staff or replace seasoned techs with low wage temp-style employees. No IT professional worth anything at all would have kept "backups" this vulnerable. EZBoard's negligence is almost actionable.

I'm willing to bet that some form of IT staff cut or similar cheap labor management scheme is at the root of this vulnerability. But you'll still hear people balk at coughing up the cash for a qualified IT professional. Penny wise and pound foolish.

"Why pay a tech staff when I can fire them after the initial setup and then get a Hummer company car with the extra cash! Boo-yah!"

If anyone remains a client to these clowns after this debacle, they need their head examined and they frankly deserve what they get.

 
seemslikeadream Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 10:03 AM
Response to Reply #22
26. Thanks for that
Edited on Fri Jun-03-05 10:03 AM by seemslikeadream
it seems you're not blaming the victim, unless he stays on!
 
bitchkitty Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 09:45 AM
Response to Original message
23. Interesting, that CIA link.
And for the record, a backup kept on the same server? I don't call that a backup, I call it stupid.

 
realcountrymusic Donating Member (999 posts) Send PM | Profile | Ignore Fri Jun-03-05 09:49 AM
Response to Original message
24. could happen to anyone

I hope the DU admins have a steel-solid backup. Content management systems and forum database systems are by their nature very inviting to hackers. You can't make them impervious. And for anyone who recommends hosting a CMS/forum app on your own server, don't be so sure. Unless you are professionally hosted by people who really know security inside and out, you are sending hackers an engraved invitation. I used to run webcrossing on my own server, and it was a security nightmare. I moved our site's forums to ezboard and have in general been pleased with the service and the interface -- a little too complex for newbie forum users, but a breeze from the admin side. Don't know why anyone would call it a pyramid scheme. It costs me like $30 a quarter and that doesn't go up unless there is a huge volume of traffic on the forums, which is unlikely given their esoteric subject matter and the fact that posting is limited to registered members I have to approve individually. When I hosted my own forums the cost in my time and effort was many times what I pay ezboard every quarter.

Frankly, I don't care about the forum's archive and if it's gone it's no big deal. It's only ever useful for current discussions for us. They just better damn well be right about having secured the credit card data!

RCM
 
bitchkitty Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 09:55 AM
Response to Reply #24
25. You would love Invision Board -
it's widely recognized to be the most secure, and the admin side is a dream. I've been using it since v1.31 and when 2.1 comes out, it will be miles above its main competitor, vBulletin. At $69.95 for a yearly license, plus the cost of hosting, you'd probably not spend much more.

I've been messing around with bbs software for years now, and for features and security nothing beats Invision.

http://invisionpower.com
 
Kellanved Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 10:04 AM
Response to Reply #25
27. IMHO not.
Edited on Fri Jun-03-05 10:11 AM by Kellanved
Invision is behind feature-wise and rather shady at the moment.
It doesn't have a single selling point, you could just as well go with phpBB. Especially considering that phpBB3 will probably be released later this year.

For commercial systems, nothing beats vBulletin; under budget constraints it is possible to make a case for WBB 2.3 .


*yay* a board software discussion :evilgrin:
 
bitchkitty Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 03:15 PM
Response to Reply #27
28. You are, of course, entitled to your opinion -
but ask any hacker what board they would choose - it will be Invision.

Shady? I don't think so - if you know a little PHP it's easy to modify. We've added Karma, a recipe index, a FAQ section and little things like personal emoticons.

But really, the important point here, is not to use EZBoard!
 
Kellanved Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 04:08 PM
Response to Reply #28
29. well, agreed
The best board is the one that works. If IPB was the one best meeting your needs, then it simply is the best board for you.
 
youspeakmylanguage Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Jun-03-05 04:38 PM
Response to Original message
31. If you want something done right, you have to do it yourself...
It's very simple - in the vast world of computing if you want a secure and stable system, product, or service, you have to either do your homework and choose a vendor that knows what the hell they're doing, or else you have to learn the system and build it yourself. "ezboard" was obviously clueless about security.