As universities open for classes this month, they face an increasing threat from the Internet.
Students and hackers are breaking into academia's relatively open computer systems to steal files, operate criminal businesses, and infiltrate other networks.
The damage wrought by hackers, and legal liability, has university officials beefing up security and reconsidering the bounds of academic freedom. Anyone with online access can try picking just about any lock in cyberspace.
"It's a very serious problem for them," says Michael Overly, a partner and online specialist at the law firm Call, Clayton & Jensen in Newport Beach, Calif.
"Universities try to make their computer-use policies very lenient," he says. But the costs are harsh. Legal bills, theft of computer time, repairing hacker damage, it all costs colleges and universities millions of dollars each year.
At George Mason University in Virginia, for example, hackers last school year repeatedly broke into the engineering department's network. In their worst attack, they destroyed the files of several graduate students, representing weeks of work.
"From our machine, these people had access to the world," says Lloyd Griffiths, dean of the school of information technology and engineering. Police have arrested two former students.
It's not just technical whizzes wreaking havoc online. Even e-mail can deliver trouble. Last year at the University of California at Irvine, a student was arrested for sending anti-Asian hate mail to 60 students by using campus computers.
Often, the attacks don't come from students, but outsiders.
"People are constantly scanning the system on campus, trying to find systems that have holes," says Barbara Skoblick, information-technology security officer at Cornell University in Ithaca, N.Y.