He learned the HARDWAY how not to setup your masternode. I will be putting together a list of things to check and an ISO and AMI for people to use with MOST of the issue addressed, you will still be responsible for checking any think I missed and verify it works for your setup.
I would like to request for no AMI images. There are already too many Amazon servers (over 50%) and I believe having a readily available image will just encourage more centralization! Just do ISO's, please!
Amazon already has the firewall locked down.
Root login without a .pem key is disabled.
Just the .pem key alone would of saved him.
This just shows though, that you absolutely need to be running a remote and local set up.
Again, this, that or the other would have saved him statement is based on the assumption that you harden one time and that's it. No, though you may make it difficult for the script kiddies to compromise via a brute force, etc., unless these MN are maintained properly, it is only a question of "when" the 1000DRK will be stolen.