Passersby, as seen in a YouTube video of the event, seemed far from horrified – rather, a sense of amusement seems to permeate the air. Nostalgia for the days of old-school arcade games aside, the owners of the digital sign were actually pleased because, they said, it alerted them to a security hole with no real harm done. In fact, billboard ad company, DPC, gave Ivan Petrovic, 21, and Filip Stanisavljevic, 20, iPad minis to reward their efforts.
“This has never happened before, but we appreciate the fact that these guys have, in a charming way, pointed us to this huge problem,” Slobodan Petrovic, manager at DPC, told Serbian newspaper Kurir, as reported by ABC News. “Now it is clearer than ever that we need to protect ourselves better. In more developed countries, these actions are unthinkable because of severe sanctions.”
Even though the alien-blasting interlude ended with a “Hacked4Fun” graphic, Petrovic and Stanisavljevic were quick to point out that they “are not members of Anonymous” and that they had white-hat motivations in pulling the stunt. “We are not hackers nor do we participate in any form of hacking,” the duo said in the notes for the video. “We are two computer science students who did this for research purposes only, to demonstrate the lack of security in IT systems in general.”
They added, “We wanted to demonstrate how companies sometimes pay very little attention to security – it had nothing to do with this specific company or even billboard companies, but rather any company that uses any form of technology that can be targeted by this kind of attack. We chose the billboard simply because we believed it is the strongest way to prove our point.”
The billboard was inactive for a total of 22 minutes and “normal function was restored as soon as our demonstration was over,” they added, after which they contacted DPC about the weaknesses in the system, with all the necessary information to fix the problem.