Large public networks such as the Internet are more vulnerable than internal networks because they are virtually open to anyone. The Internet is so huge that when abuses do occur, they can have an enormously widespread impact. When the Internet becomes part of the corporate network, the organization‘s information systems are even more vulnerable to actions from the outsiders. Computers that are constantly connected to the Internet cable modems or Digital Subscriber Line (DSL) are more open to penetration outsiders because they use fixed Internet addresses where they can be easily identified. (With dial-up service, a temporary Internet address is assigned for each session.) A fixed Internet address creates a fixed target for hackers.
Telephone service based on Internet technology can be more vulnerable than the switched voice network if it does not run over a secure private network. Most Voice over IP (VoIP) traffic over the public Internet is not encrypted, so anyone linked to a network can listen in on conversations. Hackers can intercept conversations to obtain credit card and other confidential personal information or shut down voice service flooding servers supporting VoIP with bogus traffic.
Vulnerability has also increased from widespread use of e-mail and instant messaging (IM). E-mail can contain attachments that serve as springboards for malicious software or unauthorized access to internal corporate systems. Employees may use e-mail messages to transmit valuable trade secrets, financial data, or confidential customer information to unauthorized recipients. Popular instant messaging applications for consumers do not use a secure layer for text messages, so they can be intercepted and read outsiders during transmission over the public Internet.