New art exhibit helps make cyber issues real

Governments and businesses spend billions of dollars each year trying to educate people not to click on phishing emails or suspicious links, to use strong passwords and multifactor authentication, to erase data from old devices when they get new ones, and to be skeptical of social media misinformation and potential online scams.

But it can be hard to make it real for the public, even as they hear about enormous data breaches by malicious actors. A new art exhibit at the Torpedo Factory Art Center in Alexandria, Virginia— timed to coincide with the end of Cybersecurity Awareness Month—looks to change that.

CyberArts, which runs now through Jan. 19, is funded by grants from the Commonwealth Cyber Initiative, an effort to boost cybersecurity research, workforce development and innovation among governments at all levels and Virginia’s academic institutions. The art show features six exhibits that explore identity, privacy, scams, misinformation, surveillance and artificial intelligence, with works from colleges and universities across the commonwealth.

One exhibit, from George Mason University, collated discarded smartphones and created 80 unique videos on them. Those videos show, for example, photos left on someone’s phone, their internet bookmarks or even their text messages. All personally identifying information has been removed. The idea is to illustrate the need to completely wipe data clean from old devices before passing them on to be recycled or resold.

Another exhibit from students at Virginia Tech explores how information can be hidden, detected and extracted, while a project from Blue Ridge Community College uses similar camera technology to that seen in retail stores, law enforcement and other organizations to track people’s likenesses as they move around a space, in a bid to show the importance of privacy, bias and consent.

Artists from Virginia Commonwealth University collected stories from immigrants and wrote them into scripts. In a live performance, actors read from the scripts while navigating five virtual reality locations. AI and emotion-tracking respond to the actors’ speech with visual and sound acknowledgement. The idea is to build empathy and connections with immigrants from Richmond, Virginia.

And James Madison University produced an exhibit exploring misinformation alerts for social media, using brainwave data to see how well the alerts might work on exhibit goers.

John Delaney, the Commonwealth Cyber Institute’s managing director, said the exhibits help make cybersecurity real for everyday people.

“Cyber is everywhere,” Delaney said during a press preview of the exhibit. “That means it's multidisciplinary, so it's not just computer engineers and computer scientists. ... It's more than that. As a means to educate the public, we thought, let's look at cyber differently. A lot of times you find that when you talk about cyber in this sort of venue, people get it. It touches them personally because they have the aha moment of, oh, that's cybersecurity.”

It's not the first time that the Commonwealth Cyber Initiative has combined cybersecurity with art. In 2022, it helped fund a similar exhibit in Roanoke, Virginia, which included performances, exhibits and a couple of board games. It may not appear that there is a strong relationship between technology and art, but that relationship is everywhere, including in how technologies are designed and how people’s understanding of them is shaped.

“Artists come at it from that human centered design point of view, and the engineers and scientists are coming out from the technological point of view,” said Ben Knapp, executive director of the Institute for Creativity, Arts and Technology at Virginia Tech, which explores the intersection of arts and technology and partnered on the project. “We've got to bring them together. That's what this is.”

For those behind some of the exhibits, it’s been a vital way to engage students on cybersecurity and help them cooperate with others who have different strengths and interests. Dan O’Brien, an assistant professor at Blue Ridge Community College and one of the leaders behind the likeness tracking project known as “Steal Your Face,” said it took eight workshops over the course of three months to train its AI systems.

Cybersecurity and computer science students coded the project using Python and synchronized a webcam to detect movement. Then, arts and design students helped add the ability for it to detect umbrellas, backpacks, phones and other inanimate objects that move into its path. It helped highlight yawning gaps in privacy protections that legislators have yet to properly address, and the potential for privacy violations in public places that use this sort of technology.

“The main thing that our students and our faculty researchers found when they did the research is this just happened without any laws being enacted or sometimes even policies,” O’Brien said. “We don't know how they store the data, where they're storing the data, if anything is secure, and it is a little scary, but we don't want to scare people too much.”

Others are looking to find new ways to make sometimes complex cybersecurity topics real. Katalin Parti, an assistant professor in the Department of Sociology at Virginia Tech, is planning to produce an interactive stage performance funded by the Commonwealth Cyber Initiative and others where actors tell stories of real-life online scams, then pause and invite the audience to chime in with their own experiences. The multidisciplinary effort creates a safe space for people, who may be embarrassed to have fallen victim to such scams.

“The thing with scam victimization is that everyone is targeted: you, me, everyone, independent of age group,” Parti said. “But why older people are outliers, is because their vulnerability is disproportionately higher than younger populations’ vulnerability.”