Rio de Janeiro: A new campaign is giving a hard time to racist trolls in Brazil by plastering billboards in their neighbourhoods with their racist Facebook comments — thanks to a civil rights group run by Afro-Brazilian women.
The group has come up with this novel idea “to educate people that their words have a real impact”.
The campaign — ‘Virtual racism, real consequences’ — is run by Criola, an organisation founded in 1992 and led by black women.
It uses the location tag from Facebook posts to find where the offenders live. The group then buys billboard space in their neighbourhoods and puts the offenders’ comments on it, but blurring out their names and photos.
The project republishes the online comments as a reminder that virtual bullying can have an impact in the real world.
The campaign was launched in Rio de Janeiro after several racist comments were posted on social networking sites against Maria Julia Coutinho, the weather presenter of the most important news show in Brazil on July 3 — the country’s National Day to Combat Racial Discrimination.
Coutinho, the first black weather forecaster on Brazilian prime time television, corrected another anchor on air.
When another news site praised her for getting the terminology correct, many Facebook users responded with a torrent of comments against everything from her hair to her race.
“We wanted to provoke reflection. Does a comment on the internet causes less damage than a direct offence? For those who comment, may be. But for those who suffer it, the prejudice is the same,” says Criola on its official website.
In partnership with billboard media companies, the non-profit group put on the streets real comments posted on Facebook against the journalist.
“I got home stinking of black people,” reads one comment, while another says: “GFY dirty nigga, I dunno u but I wash myself.”
“We omitted names and faces of the authors — we had no intention of exposing the aggressors. We just wanted to raise awareness. This way people can think about the consequences before posting this kind of comment on the internet,” Coutinho says.
At a time when cyber attacks on businesses across industries are multiplying as they go digital, joining hacker-powered bug bounty and vulnerability disclosure programmes is the key to minimise such incidents and safeguard your key data, a top cyber security officer said on Tuesday.
Hacker-powered security is a technique that utilises collaboration with the hacker community to find unknown security vulnerabilities and reduce security risk. Popular examples include bug bounty programmes and vulnerability disclosure policies.
“Hackers have become an invaluable extension of the most trusted security teams, on a mission to find what others may have missed or could not see,” Alex Rice, Chief Technology Officer, HackerOne told IANS.
San Francisco-based HackerOne is a vulnerability coordination and bug bounty platform that connects businesses with cybersecurity researchers.
It develops bug bounty solutions to help organizations reduce the risk of a security incident by working with the world’s largest community of ethical hackers.
Back in May 2018, Goldman Sachs became the first investment bank to launch a vulnerability disclosure policy.
“In the first year of their programme, more than 23 vulnerabilities, each representing real-world risk to their customers and data, were safely resolved,” Rice noted.
Today, Goldman Sachs is working with hackers to identify vulnerabilities in their consumer websites.
“On average, their internal security team has resolved vulnerability reports within two months, and have responded to bug reports in as little as one minute, further resolving reports within one hour,” said Rice who co-founded HackerOne in 2012.
Food delivery platform Zomato has paid more than $100,000 (over Rs 70 lakh) to 435 hackers to date for finding and fixing bugs on its platform.
With the help of HackerOne’s bug bounty programme since July 2017, Zomato has successfully resolved 775 vulnerabilities report.
“Zomato security team is tasked with protecting sensitive information for over 55 million unique monthly visitors,” said HackerOne.
Hackers are no longer anonymous guns-for-hire. They are being embraced by everyone — from the insurance industry to government agencies.
In August, HackerOne revealed that hackers earned $21 million in just a year reporting vulnerabilities via various bug bounty opportunities as governments’ efforts to fix malware increased a whopping 214 per cent globally.
According to Rice, research continues to show us that most breaches occur from basic lapses in security hygiene.
“It is important that organisations have layered defences, and use basic cyber hygiene principles such as multi-factor authentication and password best practices, followed by a security programme that focuses on covering your entire attack surface,” Rice told IANS.
Software is eating the world and software has bugs.
“All organisations — financial institutions, healthcare organisations, e-commerce companies, big box stores, media companies, practically anyone — are going digital and are equally at risk. We’re all in this together and are more alike than we realize,” he maintained.
On the bright side, the number of hacker-powered security programmes is rapidly growing all over the world.
According to HackerOne’s “2019 Hacker-Powered Security Report”, Latin America saw record growth of 41 per cent over the previous year and Asia Pacific grew 30 per cent.
Today, six of the top 10 financial services organisations in North America, and companies like Goldman Sachs, PayPal and Lending Club, are working with HackerOne.
Rice said that in terms of vulnerabilities, it’s really important that organisations have an efficient system in place to identify vulnerabilities and apply patches in a timely manner.
“Unpatched machines are still the most common attack vector for cybercriminals. Outside of basic hygiene practices such as applying timely security updates, the most effective means of doing so is to leverage the power of the friendly hacker community or what we call ‘hacker-powered security’,” Rice noted.
To tackle cyber attacks from nation-state bad actors, government agencies around the world are launching bug bounty and vulnerability disclosure programmes – like the European Commission, the UK’s National Cyber Security Centre, Singapore’s Ministry of Defense, Singaporean Government Technology Agency, the US Department of Defense, including the Army, the Air Force and the Marine Corp.