AI within artillery range

Reposted from: David, TechFlow (Shenchao)

On March 1, Iranian missiles and drones struck the Gulf region. One of them landed on an Amazon data center in the United Arab Emirates.

The facility caught fire, power was cut, and about 60 cloud services were disrupted.

One of the world’s most widely used AIs, Claude, runs on Amazon’s cloud. On the same day, Claude went down globally.

Anthropic’s official explanation was a surge in users that overwhelmed the servers.

As of publication, complaints about Claude being unavailable are still circulating on social media; on the well-known prediction market Polymarket, a topic has already appeared betting on “how many more times Claude will go down in March.”

If it is ultimately confirmed that Iran was responsible, this would mark the first time in human history: a commercial data center physically destroyed in wartime.

But why would a civilian server facility be bombed?

Go back two days. On February 28, the United States and Israel carried out joint airstrikes on Iran, killing Supreme Leader Ali Khamenei and a number of senior officials.

A significant portion of the intelligence analysis, target identification, and battlefield simulations behind the strike was assisted by Claude. Through cooperation between the military and the data analytics company Palantir, Claude had already been embedded in the U.S. military’s intelligence systems.

Ironically, just hours before the airstrike, Trump had ordered a comprehensive ban on Anthropic because the company refused to hand its AI over to the Pentagon without restrictions. But ban or not, the war still had to be fought.

Officially, it would take at least six months to remove Claude from the military’s systems.

So before the ink on the ban had even dried, the U.S. military went ahead and used Claude to strike Iran. Then Iran retaliated, and a missile landed on the data center running Claude AI.

The data center was most likely not deliberately targeted and was simply caught in the blast. But whether the missile was aimed at the facility or not, one thing is certain:

Truth lies within the range of artillery—and now, so does AI. On both sides: those firing the artillery and those being hit by it.

AI megainfrastructure built on the Middle East powder keg

Over the past three years, Silicon Valley has effectively moved half of the AI industry into the Gulf in the Middle East.

The reasons are simple. The UAE and Saudi Arabia have the world’s richest sovereign wealth funds, cheap electricity, and one key rule:

If you want to serve our customers, the data has to be stored on our soil.

So Amazon has opened data centers in the UAE and Bahrain, and is investing another $5.3 billion to build one in Saudi Arabia; Microsoft has nodes in the UAE and Qatar, and its Saudi facility has also been completed.

OpenAI, together with Nvidia and SoftBank, is building an AI complex in the UAE worth more than $30 billion, touted as the largest computing hub outside the United States.

In January this year, the United States brought the UAE and Qatar together to sign an agreement called “Pax Silica.” Translated literally, it means “Peace of Silicon,” and it sounds beautiful.

The core of the agreement is to control the flow of chips and ensure that advanced semiconductors do not end up in China’s hands.

In return, the UAE obtained permission to import hundreds of thousands of Nvidia’s most advanced processors each year. Abu Dhabi’s G42 cut ties with Huawei, and Saudi AI companies pledged not to purchase Huawei equipment…

Across the Gulf, the entire AI infrastructure—from chips to data centers to models—has tilted fully toward the United States.

These agreements considered everything: chip export controls, data sovereignty, reciprocal investment, and the risk of technology leakage.

But not a single clause considered that someone might use missiles to blow up a data center.

After seeing the Amazon data center catch fire, an international security scholar from Qatar University said something that feels particularly fitting:

“These security frameworks were designed for supply chain control and political alignment. Physical security was never on the agenda.”

For a decade, the story cloud computing has told is one of elasticity, redundancy, and decentralization. But data centers are buildings with addresses. They have walls, roofs, and coordinates. No matter how advanced your chips are, if the facility is bombed, it’s bombed.

“The cloud” is a metaphor. A data center is not.

AI looks intangible—running in code, floating in the cloud. But code runs on chips, chips sit in data centers, and data centers are built on the Earth.

Who protects AI?

This time, the Amazon data center can be said to have been collateral damage—if you look on the bright side, even accidental.

But what about the next time?

As global geopolitical conflicts intensify, if your data center is running AI models that help an opponent with target identification, the opponent has every reason to treat your facility as a military target.

International law has no clear answer to this problem.

Existing laws of war do contain provisions for “dual-use infrastructure,” but those clauses were written with factories and bridges in mind—no one was thinking about data centers.

If a facility runs banking transactions during the day and military intelligence analysis at night, is it civilian or military?

In peacetime, choosing a location for a data center is about latency, electricity prices, and policy incentives… When war arrives, none of that matters anymore. What matters is how far your facility is from the nearest military base.

So this bombing has started to shift people’s attention.

Until now, everyone has been discussing the same anxiety: whether AI will replace their jobs. But almost no one has been asking another question:

Before AI replaces you, how vulnerable is it itself?

A single regional conflict was enough to knock out the Middle East node of one of the world’s largest cloud providers for nearly an entire day—and that was just one data center.

There are now nearly 1,300 hyperscale data centers around the world, with another 770 under construction. These facilities consume ever more electricity, water, and capital, while carrying ever more of the world’s critical functions—your bank deposits, your medical records, your food delivery orders, even a nation’s military intelligence.

Yet the systems protecting these facilities may still amount to little more than fire suppression and backup generators.

When AI becomes part of a country’s core infrastructure, its security is no longer just the responsibility of a single company. Who protects AI? Cloud providers? The U.S. Pentagon? Or the UAE’s air defense systems?

Three days ago, this was still a theoretical question. Now it isn’t.

AI is within artillery range. And in this era, what isn’t?