I support Nanako's solution. Here are some of my reasons.
While the AI does accept connections from remote computers (several ports are likely reserved for communicating with the AI, as it needs to control the NT intranet), attempts to alter it's system programming from these remote systems will not be accepted. It does this through something akin to a DMZ. The AI servers dealing with packets originating from the wider NT intranet are sandwiched between two firewalls.
The firewalls provide deep packet inspection (possibly with limited "intelligent" functions that transcend the problems faced by current methods), and these external packets cannot pass through into the AI core network under normal circumstances. Oh, and did I mention the honeypots?
As you can see, it is probably extremely difficult to penetrate the security of something as vital as an AI, unless there's some novel exploit (hacked traitor module?) that manages to get pass all these measures, or the attacker manages to perform social engineering on 2 heads of staff at once, which is impressive feat that deserves being recorded in the hall of fame.