I can understand your frustration but its a Server and you cannot expect a server to run smoothly for months and years as you have services running on it which are accessible for everyone on web. If all ports are firewalled on the server then there wont be any problem with it as no one would be able to connect to the server.
FTP service was targeted on the server as the hacking kids were not able to create problems though web service or php. They have put lots of efforts to find a bug in ftp service and it seems that they are highly paid by online pharmacy companies to inject
website hostings using ftp service.
All problems are sorted now as the new server is running latest secure version of pure-ftp. Our CTO needs few days to implement certain things to ensure that such things don't occur again in future. We cannot depend on internal security of softwares like pure-ftp. Last year pro-ftpd was targeted and cpanel.net had sent a news to all cpanel users to switch to pure-ftp. Now they will need to find some other ftp software to embed with cpanel as people have managed to crack pure-ftp as well.