Dr Fazal Ali
Data centres and hyperscale cloud infrastructure are the new victims of war. Hyperscale cloud infrastructure offers unparalleled, rapid scalability for immense computing, storage, and networking demands. Managed by industry leaders such as AWS, Microsoft Azure, Google Cloud, and Oracle Cloud, these architectures can dynamically scale resources on demand. This enables companies to efficiently handle enormous workloads without the cost and complexity of building and maintaining their own physical IT infrastructure.
Defending them requires a new policy posture that creates deterrence to safeguard data. Betting big on the Gulf’s seclusion and opulence, the region has seen billions of dollars invested in AI infrastructure and cloud technology. The objective was to make it the next hub for AI development. At the Spring 2026 Meeting of the IMF and the World Bank in Washington, DC, three clouds hovered on the horizon. These were overbuilding in technology and AI, AI cybersecurity vulnerabilities created by Mythos, which has not yet been released to the public, and a rare global recession caused by events in the Strait of Hormuz.
Twenty-nine regional offices and data centres operated by Amazon, IBM, Nvidia, Google, and Palantir have been explicitly targeted as legitimate military targets on Iran’s IRG Telegram Channel. The list details five AWS, five Microsoft, six IBM, three Palantir, four Google, three Nvidia, and three Oracle facilities, highlighting the scale and strategic importance of these infrastructures. Notably, Palantir, which develops the data architecture for the Pentagon’s Project Maven, has an AI program that processes drone and satellite imagery to identify targets for airstrikes, and is headquartered in Abu Dhabi.
This created a sovereign-data-and-AI localisation trap. States are earnestly building National Data Libraries as they curate clean data before adding a veneer of AI Assistants and Claws or autonomous AI Agents designed for high-level automation. Bureaucracies that are building sovereign identity frameworks as the backbone for safe citizen-facing digital services are mindful that they are overseeing sensitive personal data.
In many jurisdictions, the prevailing view advocates for hosting sensitive data domestically rather than in offshore data embassies. Yet, these assets remain vulnerable to drone attacks in regions such as the Gulf. This reality will inevitably lead to a reassessment of risk, potentially causing a significant and lasting slowdown in investment. Even if the war cools, major lenders and AI behemoths will remain cautious, unwilling to ignore the vulnerabilities that have been exposed.
Consequently, investments that were once directed toward ambitious AI campuses in the Gulf are likely to shift to jurisdictions with stronger military protection. The future of AI infrastructure will no longer hinge on affordability alone but will prioritise making it more resistant to disruption and easier to insure.
Unlike Iran, Ukraine is fighting a data-driven, AI-enabled war made possible by companies such as Clearview AI, which help Ukraine enhance checkpoint security and identify Russian operatives; Starlink, which replaces internet services disrupted or destroyed during the conflict; and Cisco, which supports cybersecurity training and the defence and security of critical infrastructure.
The strategy combines cutting-edge software, flexible operations, and the strategic migration of data to cloud locations both inside and outside the country. Technology companies moved from the back office to the front lines. The cloud’s elegance lies in its flexibility: data can move seamlessly. But data centres can’t move. Tech companies do not have air defences and private armies. Their security operations are managed by intelligence analysts.
In Russia and Ukraine, data centres are being targeted both through physical and cyber means, making them key critical infrastructure targets on the digital battlefield. While Russia has targeted Ukrainian data centres primarily to destroy connectivity and cloud services, Ukrainian forces and hacker collectives have targeted Russian data centres in retaliation. In April 2024, Ukrainian hackers destroyed the OwenCloud.ru data centre, erasing 300 terabytes of data, destabilising operations in oil, gas, and aerospace.
In February 2026, Ukrainian Unmanned Systems Forces launched a drone strike on a data centre located in Russian-occupied Prymorsk, Zaporizhzhia Oblast. Throughout the conflict, Russia has targeted Ukrainian data centres and critical internet infrastructure through both cyberattacks and kinetic missile strikes. The massive, sustained Russian attacks on Ukraine’s energy grid, which destroyed roughly half of its generating capacity by June 2024, have directly caused widespread data centre outages.
What is also different in the Russia-Ukraine context is that Ukraine relies heavily on foreign hyperscale cloud providers rather than domestic providers to support its digital infrastructure, having migrated over 10 petabytes of critical data to these platforms by mid-2022 to ensure wartime continuity. At the start of the 2022 invasion, Ukraine quickly shifted government registries, ministry data, and university systems to Western cloud providers for safety and reliability. In the Gulf, the red line that once separated enemy combatants and industry has now been crossed.
Dr Fazal Ali completed his Master's in Philosophy at the University of the West Indies. He was a Commonwealth Scholar who attended the University of Cambridge, Hughes Hall, the provost of the University of Trinidad and Tobago and the acting president, and chairman of the Teaching Service Commission. He is presently a consultant with the IDB.
