After a missile hits the Amazon data center

Why Are AI Data Centers Becoming New Targets in Geopolitical Conflicts?

The image shows a data center that was hit, possibly generated by AI. Image created by AI.

By Su Yang

Edited by Xu Qingyang

On April 3, multiple foreign media outlets including the Financial Times cited information from insiders, saying that an Amazon data center in Bahrain was struck by a missile.

The day before the attack, the Silicon Valley giant’s entities and related assets operating in the Middle East—including Microsoft, Apple, Google, Meta, and 18 other U.S. companies—were warned about potential risks.

At the beginning of March, two other Amazon data centers in Bahrain and the UAE had also been attacked.

Attacks on hyperscale data centers during a war highlight that they have become highly “tempting” strategic strike targets—based on publicly available information, a 1GW data center total investment exceeds $50 billion.

It is important to note that the destruction of data centers involves not only physical damage losses, and not only losses of assets worth hundreds of billions of dollars, but also—because they are critical infrastructure—an attack may also become involved in a country’s and region’s internet and artificial intelligence development process.

01 Your Food Delivery Has Gone Offline

When a data center is bombed, the most direct result is the disruption of related services.

After the first attack in early March, among Amazon’s three AWS data centers’ “availability zones” in the UAE, two went offline simultaneously, at one point causing a widespread shutdown of local internet services.

Online services for Abu Dhabi Commercial Bank and the National Bank of the UAE were interrupted; the payment platform Hubpay could not be used; and the food delivery app Careem also collapsed. Millions of users who relied on these digital services found that their wallets, ride-hailing apps, and company operations were all rendered unusable as the data centers shut down.

Although AWS had long emphasized that its data centers feature redundancy design—if one facility has a problem, backups can automatically take over—this time, multiple sites were struck simultaneously, and the redundancy mechanisms basically failed to function.

It is worth noting that physical damage includes building structure collapse, interruption of power supply, fires, and secondary water damage caused after the fire-fighting systems are activated. Amazon explained on its service health page that the process of rebuilding and restoring a data center will be “very lengthy,” and some services may take weeks to repair.

For the operators and owners of data center assets, physical damage is directly linked to economic loss.

Building a traditional data center costs about $7 million to $12 million per MW. If it is an AI data center equipped with the latest Blackwell and Rubin chips and precise power and cooling equipment, the cost per GW—according to the figure stated earlier—can reach $50 billion.

According to data disclosed earlier in February by the U.S. construction-sector analysis firm ConstructConnect, the average cost of data centers scheduled to break ground in 2025 is $633 million.

Adding the newly attacked Bahrain data center, the direct physical losses, equipment replacement, and revenue reduction across AWS’s four facilities, taken together, conservatively add up to billions of dollars.

Additionally, in emails sent to affected users, Amazon said it would waive their usage charges for March. In light of this, it may dilute company profits in the short term.

02 Critical Infrastructure Within Striking Range

Compared with tech giants’ capital expenditures, the losses caused by an attack on a single data center are “negligible.”

Public data shows that Amazon, Alphabet, Meta, and Microsoft plan to spend a combined $630 billion by 2026, up 62% from $388 billion in 2025. Amazon alone has earmarked $200 billion. Of the total, about 75% (about $450 billion) will be invested directly in AI infrastructure.

A large portion of these funds was originally planned for the Middle East.

From 2021 to 2024, the Middle East has remained a hot region for cloud vendors’ expansion. In early 2025 alone, Saudi Arabia committed more than $21 billion in data center investment pledges.

Among them, Microsoft plans to invest $15.2 billion in the UAE between 2023 and 2029, of which $7.3 billion has already been spent on its partnership with G42 and related infrastructure; Google, together with the Saudi Public Investment Fund, pledged $10 billion to build a global AI hub; Amazon also plans to invest another $5.3 billion to build a new area in Saudi Arabia that includes an “AI Zone”; Oracle invested $1.5 billion to expand its cloud footprint in Saudi Arabia and is deeply tied with NVIDIA to support sovereign AI projects.

For U.S. tech giants to build infrastructure in the Middle East is, on the one hand, to align with local AI development plans, and on the other hand, to show goodwill to Middle Eastern capital such as Gulf sovereign wealth funds.

Trump is also actively pushing for the expansion of U.S. data centers in the Middle East.

In May 2025, Trump, along with technology giant executives including Amazon CEO Andy Jassy and OpenAI CEO Sam Altman, traveled directly to the Middle East. Through a vision of “moving from chaos to commerce,” they sought to secure more than $2 trillion in data center investment pledges.

The biggest data center model under construction in the UAE—this project belongs to the Middle East version of the “Star Gate Plan”

The most eye-catching part is the “Stargate” super-large AI data center project in Abu Dhabi. The project aims to leverage the Middle East’s cheap energy and land to build the largest AI infrastructure outside the United States.

When data centers are assigned such high strategic value, it is inevitable that they become targets of attack.

Ioannis Kalpouzos, a visiting professor at Harvard Law School, believes that whether a data center should become an attack target depends on the facts at the time of the incident, not on its past uses.

Kalpouzos explained: “If the facility is currently used to train large language models with strategic value—for example, by fine-tuning to optimize specific functions—then it could potentially turn into a target.”

This “dual-use (Double-use)” attribute transforms data centers from quiet power consumers into strategic “choke points.” It also means that in the future, data centers may no longer only need security guards and fences, but also specialized protective systems and unmanned countermeasure technologies.

As Vili Lehdonvirta, a professor at Aalto University, said: when national power increasingly incorporates commercial cloud and AI into strategic actions, opponents will view them as critical infrastructure. This makes data centers legally “transparent” and vulnerable; once they are deemed to effectively enhance an opponent’s strategic capabilities, the entire physical entity could be treated as a legitimate target from the perspective of international law.

03 Middle East Computing Power Faces Uncertainty

After Amazon data centers were attacked, will computing power prices rise? The short-term impact is limited.

In its previously released Global Data Center Research Report 2024-2025, Knight Frank points out that although the Middle East (especially the Gulf states) has strong capital and energy advantages, its current share of third-party data center capacity already in operation globally is only about 1%.

In other words, at this stage, the damage is not enough to cause a fundamental disruption to the global supply of computing power.

At the same time, on its service health page, Amazon encourages users to migrate some workloads to servers in Europe, North America, and the Asia-Pacific region in order to ease, to some extent, the pressure caused by regional outages.

However, in the medium to long term, computing power prices will indeed face upward pressure, mainly through three channels.

First is physical defense costs; this will not be expanded here.

Second is multi-region backups. In the context of armed conflict, redundancy within a single geographic area is no longer sufficient to address risks. If businesses are forced to adopt disaster recovery plans across regions and even across continents, the cost of using cloud services will rise significantly.

Third is energy and insurance costs. In data center operating costs, energy accounts for about 60%. Conflicts in the Middle East can push up oil prices and natural gas prices, and fluctuations in liquefied natural gas prices will directly show up on electricity bills. Meanwhile, insurance premiums for data centers in high-risk areas may also be increased.

Alok Mehta, Director of the Center for Strategic and International Studies, said: “This attack has changed the way companies think about security. To maintain business continuity, businesses are forced to adopt more expensive backup solutions. This kind of investment in ‘digital resilience’ is, in essence, a hidden premium on computing power.”

It is also noteworthy that Knight Frank further predicts in its report that by 2030, the data center capacity in the Middle East is expected to triple to 3.3GW or even higher. The higher the capacity, the more losses from attacks will be multiplied.

Although market institutions remain optimistic about future growth, the risks of armed conflict will also change the investment players’ calculation models, and future incremental investment will face more stringent cost-benefit evaluations.

Patrick J. Murphy, Executive Director of the Geopolitical Department at Hilco Global, and others judge that the focus of the next wave of computing infrastructure buildout may shift toward regions with more predictable security conditions.

04 Written at the End

From the UAE to Bahrain, with multiple attacks within a month on data centers as civilian facilities, the backdrop is also related to their critical infrastructure attributes.

Among data centers across the board, they host nearly everything—from personal day-to-day applications to business systems. When these facilities are attacked, the economy, daily life, and everything running on top of them are directly affected, as are the industries, groups, and services associated with them.

To some extent, the complex and intertwined geopolitical environment has also taught tech companies a lesson: while investing hundreds of billions of dollars to expand computing power infrastructure, they also need to reassess the physical security costs behind it—and its value may quickly come to exceed that of the chips themselves.

On this topic, I thought of the space-based data centers Musk previously advocated, as well as Microsoft’s underwater data centers. Without considering feasibility and construction timelines, are these unconventional approaches truly the best solution to security concerns?

The answer may well be no.

Special contributor Jin Lu also contributed to this article