Feeds

Hacked flight sim site in catastrophic crash and burn

Avsim, RIP

Top 5 reasons to deploy VMware with Tegile

A popular website for users of flight simulation gear has been felled, most likely fatally, after malicious hackers attacked both of the servers housing more than 12 years worth of content supplied by its 60,000 members.

Tom Allensworth, the founder of Avsim.com, said in a statement that that an attack on Tuesday left the site "effectively destroyed." He added: "The method of the hack makes recovery difficult, if not impossible, to recover from. We are not able to predict when we will be back online, if we can come back at all."

The news sent an outpouring of sympathy and rage on temporary forum boards set up in the aftermath. "I just read a post in the SimV forums about the veritable catastrophe that has struck Avsim, and along with it, the flightsimming community as a whole, and was shocked, furious and saddened all at the same time," one participant wrote.

But the debacle has also led to criticism that Avsim operators didn't take steps to better protect the site's rich store of content. According to Allensworth, data from the library and email server was backed up on a separate server for the website and forums and vice versa. Alas, it would appear there was never a master copy stored offsite and offline, so when both servers were attacked, more than a decade of links, software modifications, and exchanges were permanently destroyed.

"Who would have predicted the simultaneous successful attacks on our system?" Allensworth wrote in one message. "Over 12 years of very secure operation and no successful attacks kind of indicated to me that our approach was at least working. On Tuesday, the 12th of May at about 10:00 p.m. EDT, we found out otherwise."

The trouble started earlier that evening, when parts of the site stopped working, according to this account. First, FTP and SSH access to the site stopped working, and later, the web and forum server was knocked offline. Soon, the email and library server also showed signs of problems. It wasn't until the servers were rebooted that the admins discovered that "the partitions on both servers had been removed."

It remains unclear who is responsible or exactly how the attacks were carried out. ®

Beginner's guide to SSL certificates

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.