On March 1, 2026, Iranian drones directly struck two AWS data centers in the UAE and damaged a third facility in Bahrain, the first time a major US tech company’s data center was disrupted by military action. The IRGC claimed it, citing the centers’ role supporting US military and intelligence networks. Then on March 31 Iran formally labeled 18 US technology companies as legitimate military targets, including Amazon, Microsoft, Nvidia, Google, Apple, Meta, Oracle, Cisco, and IBM.
The AWS strikes took down two of the three availability zones in the UAE region and one in Bahrain, and because multiple zones failed at once, standard redundancy models failed. Cloud redundancy is engineered against independent failures: a transformer dies, a switch fails, a zone floods. The company has designed resilience to failures as uncorrelated, so the odds of two at once are the product of two small numbers.
That’s not how warfare works.
A wartime adversary creates a correlated failure on purpose. It hits the redundancy in the same cycles, and the independence assumption that the whole design rests on is gone. Availability zones sit tens of kilometers apart so synchronous replication can balance being fast and inexpensive. That proximity is a feature against random failure and a target package against an area weapon. American resilience, despite the lessons of 9/11, designs fit inside a single firing range.
As many of us know first-hand from working in the trenches of the early 2000s datacenter build-outs, cross-region failover exists. Yet when Iran attacked, AWS told customers to back up and migrate to other regions manually, and data-residency law pins much government and regional data to the region it lives in. The outage took down Abu Dhabi Commercial Bank, Emirates NBD, First Abu Dhabi Bank, Snowflake, and Careem.
Manual migration in 2026 isn’t on anyone’s plan.
Now consider the exposure of the current centralized “giga” strategy of American AI data build-outs. In particular, the Anthropic deal with xAI is a national security disaster on multiple levels. Training is worse than serving, and xAI (literally named Colossus) is the world’s largest single-site vulnerable AI training installation, near 2 GW with about 555,000 GPUs on one Memphis site running on on-site gas generation.
Have you seen those videos of the Russian gas sites burning after drone strikes? In the fog of war, xAI is building the largest fully operational single-coherent cluster, which means it is one synchronous fabric with no failover at all.
None. Nothing.
Lose even a tiny piece of the site, lose an entire run. The “Tesla Mad Max” mentality to make it the fastest and most polluting trainer on earth makes it the most concentrated single point of failure on the earth.
One site. One power source.
Anthropic is inherently vulnerable as it runs on this over-concentration of power. It has contracted up to 5 GW from Amazon, with the first gigawatt expected by the end of 2026, and just took all of xAI’s Colossus 1 in Memphis to serve Claude capacity. That suggests all of Anthropic data has no privacy protection from Elon Musk and Trump. But that’s privacy. In terms of availability and integrity, it’s extremely exposed to catastrophic failure.
The Amazon infrastructure that was struck in the Gulf and the single Memphis cluster are both how Claude gets served, vulnerably and controversially. The Elon Musk rushed plant design in particular has been firing huge, deadly plumes of pollution at the neighborhood, which makes the controversial datacenter strategy stand out even more.
We’ve been talking about rising asymmetric threats on critical infrastructure for years, although subtle, around the world. From a drone in the Gulf, blackmail by Russian hackers, bomb on a pipeline, Volt Typhoon on the grid, disgruntled Russian developer, or contractors in San Francisco and Berlin.
When Elon Musk cosplays being a ruthless Emperor, think about why Napoleon Bonaparte was such an inhumane and incompetent disaster (killing his own troops faster than the enemy could). When someone says the Pentagon is relying on the biggest and most concentrated compute ever for identification and targeting, feel free to say it’s time we talk about why “Mr. Blownapart” ships went to the bottom of the sea.
Or if you prefer more modern military lessons, Mussolini marched into north Africa with no go plans and several hundred thousands of his best Italian soldiers. Then the Allied Operation Compass in February 1941 used only around 30K troops to wreck the entire fascist army and take 130,000 prisoners in Libya and Egypt. Wingate’s tiny Gideon Force, using just a few thousand men, punched even harder and took the surrender of tens of thousands of Italian troops in Ethiopia.
One element I haven’t discussed here, which would significantly shift the threat model, is whether these “datacenters” of empty space waiting for power are meant to be pivoted into human incarceration as fascism has done in the past. Massive concentration camps of political prisoners certainly would make more sense for the rushed build-out economics, and remove all the worry about supplying them with infrastructure like water and power (scarcity being the point). US datacenter construction has been on pace to overtake what the country spends building offices, whether these massive concentration halls are filled with computers or anyone Trump points his finger at.
