When the war reaches for the cloud, AI becomes a target

For years, the defining vulnerability of the digital age was assumed to be a cyberattack. Invisible, deniable, conducted in code. Then in July 2024, a single botched software update from CrowdStrike caused roughly 8.5 million systems to crash in what was described as the largest global outage in history. Airlines, banks, hospitals, stock markets, and emergency services were disrupted across multiple countries. Governments noted the fragility. Yet, most did very little, beyond recommending patching.

This month, Iran struck three data centres – two in the UAE and one in Bahrain – with drones, forcing the facilities offline. This reportedly caused outages across the region, affecting banking, apps, and enterprise software. The US military uses AI to run intelligence workloads, and Iranian news reports indicated the facilities had been deliberately targeted for their role in supporting military and intelligence activities.

The disruption from the Gulf strikes is a prelude to future conflict. The boundary between civilian and military computing has not blurred, it has all but collapsed. The March 2026 US cyber strategy states US responses will not be confined to the “cyber” realm, widely interpreted as meaning US policy will now consider full-spectrum options in response to cyberattacks.

Governments have integrated classified military and intelligence systems so deeply into commercial infrastructure that shifting becomes impossible under fire.

For executives and boards, this is a supply chain and operational continuity risk of the highest order. For defence and intelligence leadership, it is a warfighting priority. CrowdStrike showed what happens when that infrastructure fails by accident. The Gulf strikes show what happens when an adversary targets it on purpose.

While many have argued the future of conflict will be in and on the cloud, there is now a heightened threat to every element underwriting AI applications.

In research published this year, I show that data, connectivity, energy, compute capacity and workforce together form the “architectures of AI”, the underlying infrastructure shaping contemporary security, society and sovereignty. The concentration of this infrastructure creates chokepoints that adversaries can identify, locate and strike.

As a military target, there is also a practical logic. Data centres are sprawling complexes, dependent on exposed infrastructure, such as cooling units, generators and turbines that can be identified using satellite imagery and disabled. Further, data centres must be built near high-quality energy and water supplies, making their locations easily discoverable, even when “undisclosed”. It also means they are usually near urban centres, placing populations at risk.

The biggest “hyperscalers” do have one structural advantage: a global presence provides redundancy to shift across regions relatively quickly. But that advantage evaporates precisely where it matters most – when governments have integrated classified military and intelligence systems so deeply into commercial infrastructure that shifting becomes impossible under fire.

The problem extends beyond the data centre. A total of 17 submarine cables pass through the Red Sea, carrying most of the data traffic between Europe, Asia, and Africa, one of which was cut last year. With Iran’s closure of the Strait of Hormuz and renewed Houthi threats in the Red Sea, both critical data chokepoints are simultaneously in active conflict zones. The Indo-Pacific is not insulated. Subsea cables connecting Australia to its partners traverse some of the world’s most contested waters. The commercial and strategic risk is the same risk.

Australia is not watching from a safe distance. This is a global problem.

Three things need to happen – urgently.

First, government must map and audit actual exposure. Which defence and intelligence workloads depend on foreign-owned commercial infrastructure? The Australian government-funded TS Cloud will be built in new facilities at undisclosed locations. Location secrecy is not the same as resilience. What are the continuity plans if that infrastructure is degraded or destroyed?

Industry must ask the same: how will AI-reliant global operations maintain continuity when the infrastructure underpinning them becomes a target? As AI adoption grows, are productivity and scaling increases balanced with appropriate risk and compliance settings?

Second, Australia needs an urgent, honest assessment of sovereign AI infrastructure. Many of the existing partnerships were designed for an era in which the greatest threat to a data centre was software failure, insiders or cyberattack. The threat now spans every element of the AI architecture – data, connectivity, compute, workforce and energy. For the industry, the question is operational continuity and liability. For government, it is whether capability survives first contact with conflict. Sovereign AI infrastructure is not a long-term aspiration. It is an immediate operational requirement.

Third, Australia’s critical infrastructure frameworks and corporate risk registers must be updated to reflect the changing threat landscape. Subsea cables, data centres and energy grids are as critical as ports and railways and must be treated as such.

The Gulf strikes demonstrate where AI-era conflict is heading. The organisations and governments that retain advantage will be those that understood infrastructure not as a commercial convenience but as a sovereign asset requiring active defence. Australia has the partnerships, the investment, and hopefully still, enough time to get this right.