We propose measures of network vulnerability and study some of their properties. We define a network as a triplet ( ), where is the graph of the network, is the routing protocol specifying how traffic flows on , and is the traffic load (typically random). Based on this structure, we calculate the expected loss of traffic from an "attack" which eliminates 100% of the network's links. The result is a network vulnerability curve (NVC) measuring expected loss as a function of 0 1.Clearly, different attack strategies (e.g., random versus malicious) could cause different levels of damages so, accordingly, we define four key NVCs: malicious, greedy, random, and Bernoulli, and study their mathematical properties. Some extensions are discussed.