TechTarget and Informa Tech’s Digital Business Combine. Dark Reading Resource Library Black Hat News Omdia Cybersecurity Advertise NEWSLETTER SIGN-UP Cybersecurity Topics World The Edge DR Technology Events Resources CYBER RISK CYBERSECURITY OPERATIONS THREAT INTELLIGENCE ICS/OT SECURITY NEWS Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific Middle East Conflict Highlights Cloud Resilience Gaps Data centers — used by both governments and militaries for operations — are now fair game, not just for cyberattacks, but for kinetic attacks as well. Robert Lemos,Contributing Writer March 11, 2026 5 Min Read SOURCE: ABDULLAHNALMAMARI VIA SHUTTERSTOCK Businesses that counted on the cloud's distributed nature to guarantee their data's availability have had a cold dose of reality during the past two weeks. On Feb. 28, following military strikes by the US and Israel, Iran's Internet traffic fell to less than 1% across all major networks in the country, according to Cloudflare Radar, which tracks Internet traffic internationally. Within 24 hours, Iran responded, targeting infrastructure in the United Arab Emirates, Bahrain, and other Gulf States, hitting two Amazon Web Services' facilities in the UAE with drone strikes, while a third facility in Bahrain suffered "physical impacts to [its] infrastructure," Amazon Web Services stated March 2 on its AWS Health Dashboard. "These strikes have caused structural damage, disrupted power delivery to our infrastructure, and in some cases required fire suppression activities that resulted in additional water damage," AWS stated. "We are working closely with local authorities and prioritizing the safety of our personnel throughout our recovery efforts." Related:Abu Dhabi Finance Week Exposed VIP Passport Details While attacks against power infrastructure, industrial control system (ICS) networks, and transoceanic cables have occasionally occurred, direct attacks against data centers have been rare. The latest strikes are a recognition that the military, like most enterprises, relies on the cloud for operations, says Kathryn Raines, cyber threat intelligence team lead for the national security solutions team at threat intelligence provider Flashpoint. "The physical strikes on facilities housing cloud infrastructure ... may seem like outliers, but the reality is that they’re likely the new blueprint for modern warfare," she says. "We're seeing reports of adversaries using a multi-domain approach — kinetic bombardments paired with claims of simultaneous cyberattacks on ICS networks by hacktivist proxies — with the intent to blind military targeting and paralyze the civilian economy." 'Modern Militaries ... Run on the Cloud' The importance of the reported strikes on AWS facilities cannot be overstated, Raines says. Private infrastructure now runs military and government operations, turning hyper-scale cloud data centers into "Tier 1 strategic targets," she says. "Modern militaries and governments run on the cloud ... [and] cloud architecture is built to survive bad weather, not war," she says, adding that many providers build backup data centers within 60 miles of the primary ones, making them just as easy to target as well. "A blackout is an easy fix, but a missile strike causes fires, collapsed roofs, and water damage from emergency sprinklers that permanently destroy the hardware," Raines adds. "What's more, attackers don't even need to hit the servers — if they damage the physical cables connecting the building to the outside Internet, the data center is useless." Related:Surging Cyberattacks Boost Latin America to Riskiest Region Iran's network dropped off the Internet starting soon after military strikes by the US and Israel on Feb. 28. Source: Cloudflare Radar While Russia has targeted critical infrastructure such as communications, power, and transportation in its on-going war against Ukraine, cloud data centers outside of Ukraine have not been targeted. Aside from widening the war, such targeting could also hamper Russian military operations, which appear to rely heavily on public cloud infrastructure, according to the Cloud of War study presented at the 17th International Conference on Cyber Conflict (CyCon) last year. Cyberattacks have been common, however. "Cyber attacks remain one of the most frequent forms of aggression across all phases of conflict," says Blake Darché, head of threat intelligence at Cloudflare's Cloudforce One team, adding: "We have seen threat actors using traditional disk-wipers and scripts designed to delete critical information — which is especially problematic if recovery is impossible." Real-Time Vulnerabilities Many industries are more vulnerable to disruption due to damage in the physical or cyber domains, Darché says. Transportation, logistics, power and utilities, for example, face immediate consequences if networks are disrupted. Related:Risky Chinese Electric Buses Spark Aussie Gov't Review "If a cloud region experiences disruption, the impact is not distributed equally — some industries face a complete digital blackout that could immediately halt physical-world operations," he says. "Any other industry that processes realtime information or storesfronts that take real-time transactions would be vulnerable to outages." Companies need to not confuse high availability with true resilience, says Kim Larsen, group CISO at Keepit, a provide of data protection for SaaS apps. While resilience has three pillars — prevention, detection, and recovery — most organizations invest heavily in the first two pillars, and assume recovery will just work when they need it, but it often doesn't, she says. "For years, many organizations treated the cloud as if it were beyond geography," she says. "These incidents are a reminder that the cloud is still made of buildings, power, fiber, people — and therefore, it inherits the same geopolitical and kinetic risk as any other critical infrastructure." Enterprises should take another look at their strategy for cloud resilience, says Flashpoint's Raines. The most vulnerable workloads are likely those that require both real-time processing and ultra-low latency, such as common finance, healthcare, critical infrastructure, and defense applications. One of the first casualties of the attacks on cloud infrastructure may be the push by many countries to keep data and digital services in their borders. "Forcing a country's data to remain trapped within its physical borders turns it into a massive strategic liability that can be erased in a single bombing campaign," Raines says. "As a result, I expect we’ll see governments rapidly shift toward 'Allied Data Sovereignty,' and rewrite laws to ensure critical national data can be legally backed up and hosted in allied nations during a crisis to ensure it survives." Companies that rely on their cloud platforms — and most do — need to rethink their disaster recovery and data governance, she says. Read more about: DR Global Middle East & Africa About the Author Robert Lemos Contributing Writer Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends. More Insights Industry Reports Frost Radar™: Non-human Identity Solutions 2026 CISO AI Risk Report The ROI of AI in Security Cybersecurity Forecast 2026 ThreatLabz 2025 Ransomware Report Access More Research Webinars Building a Robust SOC in a Post-AI World Retail Security: Protecting Customer Data and Payment Systems Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Securing Remote and Hybrid Work Forecast: Beyond the VPN AI-Powered Threat Detection: Beyond Traditional Security Models More Webinars You May Also Like CYBER RISK Can Cybersecurity Keep Up In the AI Arms Race? by Becky Bracken MAY 12, 2025 CYBER RISK Even Resilient Organizations Can Be Blind to AI Threats by Arielle Waldman MAY 01, 2025 CYBER RISK Zambia's Updated Cyber Laws Prompt Surveillance Warnings by Robert Lemos, Contributing Writer APR 23, 2025 CYBERATTACKS & DATA BREACHES DeepSeek Breach Opens Floodgates to Dark Web by Emma Zaballos APR 22, 2025 Editor's Choice THREAT INTELLIGENCE As War Continues, Pro-Iranian Actors Launch Barrage of Cyberattacks byElizabeth Montalbano MAR 3, 2026 6 MIN READ ICS/OT SECURITY Vehicle Tire Pressure Sensors Enable Silent Tracking byJai Vijayan MAR 3, 2026 3 MIN READ СLOUD SECURITY AI Agent Overload: How to Solve the Workload Identity Crisis byAlexander Culafi MAR 3, 2026 4 MIN READ 2026 Security Trends & Outlooks THREAT INTELLIGENCE Cybersecurity Predictions for 2026: Navigating the Future of Digital Threats JAN 2, 2026 CYBER RISK Navigating Privacy and Cybersecurity Laws in 2026 Will Prove Difficult JAN 12, 2026 ENDPOINT SECURITY CISOs Face a Tighter Insurance Market in 2026 JAN 5, 2026 THREAT INTELLIGENCE 2026: The Year Agentic AI Becomes the Attack-Surface Poster Child JAN 30, 2026 Download the Collection Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. SUBSCRIBE Webinars Building a Robust SOC in a Post-AI World THURS, MARCH 19, 2026 AT 1PM EST Retail Security: Protecting Customer Data and Payment Systems THURS, APRIL 2, 2026 AT 1PM EST Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need WED, APRIL 1, 2026 AT 1PM EST Securing Remote and Hybrid Work Forecast: Beyond the VPN TUES, MARCH 10, 2026 AT 1PM EST AI-Pow