In retaliation for the ongoing U.S.–Israeli war, Iran responded with a novel form of counterattack. For the first time in military history, private sector data centers came under deliberate attack.
In an era when companies known for e-commerce, social networks, and search engines have also become close collaborators with militaries, is bombing their servers fair game?
Three days after the U.S. and Israel began their joint bombardment, the Islamic Revolutionary Guard Corps launched kamikaze drone strikes against Amazon-owned data centers in the United Arab Emirates and Bahrain that provide an array of cloud computing services to customers throughout the Middle East. The impacts and subsequent fires “caused structural damage, disrupted power delivery to our infrastructure, and in some cases required fire suppression activities that resulted in additional water damage,” according to Amazon, resulting in service outages across the region.
The motive behind the attack, according to Iranian state television, was not to block people from ordering groceries or posting to social media, but rather to highlight “the role of these centers in supporting the enemy’s military and intelligence activities.” Though only Amazon’s centers are known to have come under fire, a March 11 tweet from the quasi-official Tasnim News Agency listed dozens of regional facilities, including data centers owned by Microsoft, Google and others, deemed “Enemy Technology Infrastructure” suitable for targeting.
It’s unclear if the Amazon data centers struck by Iranian drone strikes are used for military purposes or civilian purposes, or both. And it’s unknown if the attacks in any way hindered the militaries of the U.S., Israel, or their allies in the Gulf from using AI or other cloud-based services in their war efforts. But with Amazon, Google, and even Facebook parent company Meta are all eager partners of the Pentagon that augment the destructive power of the United States in Iran and elsewhere, server farms may now have the same status as factories building bombs and warplanes.
Scholars of international law and the laws of armed conflict say that when a military runs on the cloud, the cloud becomes a legal military target. But the cloud is an abstraction, not a physical site — a global network of millions of chips in servers spread across hundreds of massive buildings across the planet, servicing both civilian apps and state tools used to surveil and kill. Separating the former from the latter is an extremely difficult task.
“The legality turns on whether the specific facility, at the specific moment, is genuinely serving the military operations of a party to the conflict in a way that offers a concrete and definite advantage to the attacker,” explained León Castellanos-Jankiewicz, a lawyer with the Asser Institute for International and European Law in The Hague.
Sometimes the split between military and civilian use is straightforward. Microsoft, for example, helps run the Joint Warfighter Cloud Capability, which the Pentagon says provides it with “greater lethality.” This work involves the processing of classified data, which the government does not want commingling with civilian tech. Cloud computing services are generally offered via geographically distinct “regions,” each made up of many physical data centers. Customers typically select the region that is closest to them to minimize lag time. Microsoft’s US DoD Central and US DoD East regions are “reserved for exclusive [Department of Defense] use,” according to the company, and are serviced by data centers in Des Moines, Iowa, and Northern Virginia, respectively.
Amazon offers similar cloud regions exclusive for Pentagon use, though the location of these data centers is not public. Oracle, another JWCC provider, operates Pentagon-specific facilities in Chicago, Phoenix, and Virginia. Companies are understandably tight-lipped about where exactly on the map these facilities stand, in no small part because Iran, or any country at war with the U.S., would have reason to target them.
“A data center that is used solely or primarily for military applications is targetable,” said Ioannis Kalpouzos, an international law scholar and visiting professor at Harvard Law, “and a center that supports the Pentagon’s JWCC falls in that category.”
The march of data center construction has become a point of contention across the United States and around the world, with communities frequently — and sometimes successfully — rallying to block what they view as enormous resource-draining eyesores. But for those living in the widening shadow of data centers, planned or built, their status as military targets may be unsettling beyond concerns over water and energy consumption.
And as Defense Secretary Pete Hegseth aggressively shoehorns AI tools into the military wherever possible, the rapid expansion of data centers means the potential proliferation of legitimate military targets across the United States.
With comparisons between the destructive power of AI-augmented warfare and nuclear weaponry becoming more common, the ever-expanding network of American data centers may recreate Cold War anxieties around intercontinental ballistic missile, or ICBM, silo placement. The country’s nuclear launch capabilities were famously clustered in the relatively sparsely populated Upper Midwest, forming a so-called “nuclear sponge” that would draw Soviet nukes away from population centers and toward rural areas and farmland.
But the legal calculus around most data centers will be less clear. Google, for example, says the Pentagon uses both its general purpose public cloud and smaller specialized air-gapped networks that don’t touch the public internet, depending on the sensitivity of the data involved. Even cloud work involving Top Secret military data “can operate within Google’s trusted, secure, and managed data centers.” The company also sells modular mini-data centers for use closer to battlefields or bases.
These arrangements, shrouded in both military and trade secrecy, make it hard to assess whether a server is hosting a student’s homework or Air Force R&D, blurring the legality of attacking data centers that may host both. Google may have little control over how governments use its cloud tools; The Intercept has previously reported that Google executives worried internally they wouldn’t be able to tell how the Israeli military was deploying its cloud services.
“The practical challenge is that cloud infrastructure is often technically opaque, even to providers themselves,” Castellanos-Jankiewicz said. “The services a given data center supports may not be readily ascertainable from the outside or even inside, which complicates the attacker’s legal obligations considerably.”
Amazon and Google’s Project Nimbus similarly provides cloud computing services across the Israeli government, including both civilian agencies and the Ministry of Defense, along with state-owned weapons companies.
“The picture becomes more legally complex when a data center functions as a so-called ‘dual-use’ object,” simultaneously hosting military data or capabilities alongside civilian services,” Castellanos-Jankiewicz told The Intercept. “Once a facility is found to make an effective contribution to military action, the entire physical object can, under the dominant legal view, qualify as a military objective.”
The embrace of commercial cloud computing by the U.S. and others has muddled an already murky legal picture, Castellanos-Jankiewicz explained. “A military’s decision to store classified data or run AI-enabled military systems on commercial cloud infrastructure shared with civilian services could itself raise legal concerns — particularly if the commingling of military and civilian uses makes a strike more likely or increases the foreseeable harm to civilians when one occurs.”
Determining whether a given data center can be legally attacked under international humanitarian law — itself comprised of various treaties that not every country adheres to — relies on a complex series of balancing tests that rarely produce concrete answers. To begin with, every object and person is generally presumed civilian and exempt from attack under this framework. Before launching a strike, a country is supposed to have a verifiable reason to believe a data center contributes to the enemy war effort, and reason to believe an attack will appreciably harm that effort. What “effectively contributes to military action” will, of course, be a source of disagreement.
Anthropic’s Claude large language model was reportedly used to accelerate American airstrikes against Iran; Claude, in turn, was built in part using 500,000 chips housed in an $11 billion Amazon data center in Indiana. If Claude is now arguably a weapon, is this Indiana site the data equivalent of a bomb factory? Kalpouzos, the Harvard Law visiting professor, told The Intercept it depends on the facts at the moment the bomb hits, not past usage. “If the facility is currently used in the training of the LLM that is used in the conduct of military operations — for example, by fine-tuning object classification or user-interaction features — then this could render it targetable,” he said.
In a recent article for Just Security, Klaudia Klonowska and Michael Schmitt said that the law calls for proportionality and restraint even against military targets. An attack against a data center that provided both military and civilian computing would need to be precise enough to destroy the former while minimizing harm to the latter, they argued. But international law may call for a degree of carefulness that militaries have little interest in. “If it were possible to attack only the area of the data center where servers hosting military data are located without destroying the entire center, the attacker would need to do so,” they wrote.
These requirements can be hard to observe in reality. The U.S. and Israel both tout the extreme precision of airstrikes that regularly slaughter civilians. And neither country, nor Iran, is a signatory to some of the relevant legal frameworks that make up the so-called “laws of armed conflict” in the first place.
Indiscriminate warfare practice by U.S. and Israel has also, ironically, been instrumental in reshaping how these laws are interpreted and effectively loosened. Throughout the Israeli genocide in Gaza, Israel’s military and the Pentagon both made clear it’s acceptable to destroy an apartment block or hospital if one first claims there is a genuine military target inside.
The second Trump administration in particular has been keen to more tightly integrate Silicon Valley into the global American killing apparatus, a plan to which the industry has shown itself to be largely amenable. Even after being thoroughly maligned by the administration following the collapse of its Pentagon deal over purported disagreements around safety guardrails, Anthropic CEO Dario Amodei issued a public statement making clear he still wanted in on military spending: “Anthropic has much more in common with the Department of War than we have differences. We both are committed to advancing US national security and defending the American people, and agree on the urgency of applying AI across the government.” That attitude, now commonplace across the tech sector, will see the further commingling of consumer tech and warfare both in the abstract and under sprawling data center rooftops across the country.
“These [data centers] are further melding military and civilian infrastructure,” said Kalpouzos, “and together with the increasingly permissive rules of engagement adopted by the U.S. and Israel, are potentially drawing in larger sectors of the economy and society in what is targeted and destroyed.”
The post Data Centers Are Military Targets Now appeared first on The Intercept.
