● Dark Reading 📅 11/03/2026 à 06:00

Middle East Conflict Highlights Cloud Resilience Gaps

Cybersécurité 👤 Robert Lemos
Illustration
Cyber RiskCybersecurity OperationsThreat IntelligenceICS/OT SecurityNewsBreaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia PacificMiddle East Conflict Highlights Cloud Resilience GapsData centers — used by both governments and militaries for operations — are now fair game, not just for cyberattacks, but for kinetic attacks as well.Robert Lemos,Contributing WriterMarch 11, 20265 Min ReadSource: ABDULLAHNALMAMARI via ShutterstockBusinesses that counted on the cloud's distributed nature to guarantee their data's availability have had a cold dose of reality during the past two weeks.On Feb. 28, following military strikes by the US and Israel, Iran's Internet traffic fell to less than 1% across all major networks in the country, according to Cloudflare Radar, which tracks Internet traffic internationally. Within 24 hours, Iran responded, targeting infrastructure in the United Arab Emirates, Bahrain, and other Gulf States, hitting two Amazon Web Services' facilities in the UAE with drone strikes, while a third facility in Bahrain suffered "physical impacts to [its] infrastructure," Amazon Web Services stated March 2 on its AWS Health Dashboard."These strikes have caused structural damage, disrupted power delivery to our infrastructure, and in some cases required fire suppression activities that resulted in additional water damage," AWS stated. "We are working closely with local authorities and prioritizing the safety of our personnel throughout our recovery efforts."Related:Abu Dhabi Finance Week Exposed VIP Passport DetailsWhile attacks against power infrastructure, industrial control system (ICS) networks, and transoceanic cables have occasionally occurred, direct attacks against data centers have been rare. The latest strikes are a recognition that the military, like most enterprises, relies on the cloud for operations, says Kathryn Raines, cyber threat intelligence team lead for the national security solutions team at threat intelligence provider Flashpoint."The physical strikes on facilities housing cloud infrastructure ... may seem like outliers, but the reality is that they’re likely the new blueprint for modern warfare," she says. "We're seeing reports of adversaries using a multi-domain approach — kinetic bombardments paired with claims of simultaneous cyberattacks on ICS networks by hacktivist proxies — with the intent to blind military targeting and paralyze the civilian economy."'Modern Militaries ... Run on the Cloud'The importance of the reported strikes on AWS facilities cannot be overstated, Raines says. Private infrastructure now runs military and government operations, turning hyper-scale cloud data centers into "Tier 1 strategic targets," she says."Modern militaries and governments run on the cloud ... [and] cloud architecture is built to survive bad weather, not war," she says, adding that many providers build backup data centers within 60 miles of the primary ones, making them just as easy to target as well."A blackout is an easy fix, but a missile strike causes fires, collapsed roofs, and water damage from emergency sprinklers that permanently destroy the hardware," Raines adds. "What's more, attackers don't even need to hit the servers — if they damage the physical cables connecting the building to the outside Internet, the data center is useless."Related:Surging Cyberattacks Boost Latin America to Riskiest Region Iran's network dropped off the Internet starting soon after military strikes by the US and Israel on Feb. 28. Source: Cloudflare RadarWhile Russia has targeted critical infrastructure such as communications, power, and transportation in its on-going war against Ukraine, cloud data centers outside of Ukraine have not been targeted. Aside from widening the war, such targeting could also hamper Russian military operations, which appear to rely heavily on public cloud infrastructure, according to the Cloud of War study presented at the 17th International Conference on Cyber Conflict (CyCon) last year.Cyberattacks have been common, however."Cyber attacks remain one of the most frequent forms of aggression across all phases of conflict," says Blake Darché, head of threat intelligence at Cloudflare's Cloudforce One team, adding: "We have seen threat actors using traditional disk-wipers and scripts designed to delete critical information — which is especially problematic if recovery is impossible."Real-Time VulnerabilitiesMany industries are more vulnerable to disruption due to damage in the physical or cyber domains, Darché says. Transportation, logistics, power and utilities, for example, face immediate consequences if networks are disrupted.Related:Risky Chinese Electric Buses Spark Aussie Gov't Review"If a cloud region experiences disruption, the impact is not distributed equally — some industries face a complete digital blackout that could immediately halt physical-world operations," he says. "Any other industry that processes realtime information or storesfronts that take real-time transactions would be vulnerable to outages."Companies need to not confuse high availability with true resilience, says Kim Larsen, group CISO at Keepit, a provide of data protection for SaaS apps. While resilience has three pillars — prevention, detection, and recovery — most organizations invest heavily in the first two pillars, and assume recovery will just work when they need it, but it often doesn't, he says."For years, many organizations treated the cloud as if it were beyond geography," he says. "These incidents are a reminder that the cloud is still made of buildings, power, fiber, people — and therefore, it inherits the same geopolitical and kinetic risk as any other critical infrastructure."Enterprises should take another look at their strategy for cloud resilience, says Flashpoint's Raines. The most vulnerable workloads are likely those that require both real-time processing and ultra-low latency, such as common finance, healthcare, critical infrastructure, and defense applications.One of the first casualties of the attacks on cloud infrastructure may be the push by many countries to keep data and digital services in their borders."Forcing a country's data to remain trapped within its physical borders turns it into a massive strategic liability that can be erased in a single bombing campaign," Raines says. "As a result, I expect we’ll see governments rapidly shift toward 'Allied Data Sovereignty,' and rewrite laws to ensure critical national data can be legally backed up and hosted in allied nations during a crisis to ensure it survives."Companies that rely on their cloud platforms — and most do — need to rethink their disaster recovery and data governance, she says.Read more about:DR Global Middle East & AfricaAbout the AuthorRobert LemosContributing WriterVeteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.See more from Robert LemosMore InsightsIndustry ReportsFrost Radar™: Non-human Identity Solutions2026 CISO AI Risk ReportThe ROI of AI in SecurityCybersecurity Forecast 2026ThreatLabz 2025 Ransomware ReportAccess More ResearchWebinarsBuilding a Robust SOC in a Post-AI WorldRetail Security: Protecting Customer Data and Payment SystemsRethinking SSE: When Unified SASE Delivers the Flexibility Enterprises NeedSecuring Remote and Hybrid Work Forecast: Beyond the VPNAI-Powered Threat Detection: Beyond Traditional Security ModelsMore Webinars2026 Security Trends & OutlooksThreat IntelligenceCybersecurity Predictions for 2026: Navigating the Future of Digital ThreatsJan 2, 2026Cyber RiskNavigating Privacy and Cybersecurity Laws in 2026 Will Prove DifficultJan 12, 2026|7 Min ReadEndpoint SecurityCISOs Face a Tighter Insurance Market in 2026Jan 5, 2026|7 Min ReadThreat Intelligence2026: The Year Agentic AI Becomes the Attack-Surface Poster ChildJan 30, 2026|8 Min ReadDownload the CollectionKeep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.SubscribeWebinarsBuilding a Robust SOC in a Post-AI WorldThurs, March 19, 2026 at 1pm ESTRetail Security: Protecting Customer Data and Payment SystemsThurs, April 2, 2026 at 1pm ESTRethinking SSE: When Unified SASE Delivers the Flexibility Enterprises NeedWed, April 1, 2026 at 1pm ESTSecuring Remote and Hybrid Work Forecast: Beyond the VPNTues, March 10, 2026 at 1pm ESTAI-Powered Threat Detection: Beyond Traditional Security ModelsWed, March 25, 2026 at 1pm ESTMore WebinarsWhite PapersAutonomous Pentesting at Machine Speed, Without False PositivesFixing Organizations' Identity Security PostureBest practices for incident response planningIndustry Report: AI, SOC, and Modernizing CybersecurityThe Threat Prevention Buyer's Guide: Find the best AI-driven threat protection solution to stop file-based attacks.Explore More White PapersGISEC GLOBAL 2026GISEC GLOBAL is the most influential and the largest cybersecurity gathering in the Middle East & Africa, uniting global CISOs, government leaders, technology buyers, and ethical hackers for three power-packed days of innovation, strategy, and live cyber drills.📌 Book Your Space
← Retour