Modern society operates primarily through data center infrastructure that powers cloud computing and artificial intelligence, the financial sector and health care systems, and government digital operations. Most countries have failed to establish proper infrastructure systems that protect their digital economies as these systems remain critical to their economic activities.
Current geopolitical rivalries and technological disputes create new conflicts that use cyber warfare, information warfare, and hybrid warfare methods as their primary military strategies.
Current threat developments have created a critical need to answer this question: Have we built an AI-powered, data-center-dependent civilization without designing for wartime security and resiliency?
Cyber ​​and information warfare have become essential components of contemporary strategic competition, creating new ways of waging war in modern times.
Cyber ​​operations differ from conventional warfare because they:
- Continue operations in non-wartime periods
- carrying out attacks against non-military public resources
- Operations between wartime and peacetime military operations
Digital infrastructure has become the main battlefield as cyber attacks become more powerful and frequent, while increasing in their scale and complexity.
State and non-state actors now routinely deploy cyber operations:
- disrupt financial systems
- manipulate the information ecosystem
- target government networks
- attack on critical infrastructure
The developing situation has established a strategic framework in which digital systems have become essential components of the national defense apparatus.
The operational backbone of contemporary digital states depends on data centres, which serve as their infrastructure. Data centers provide the necessary infrastructure that supports the following systems:
- Artificial Intelligence System
- digital payment infrastructure
- Government Data Platform
- defense communication network
- health care database
- telecommunication services
Attacks on data centers can cause widespread disruption across many sectors as data centers serve as key economic, government, and public security components. The current situation shows that many jurisdictions need to recognize data centers as essential national assets that serve as critical infrastructure, yet both emerging digital economies and other regions have yet to complete this task.
Modern conflicts increasingly occur in what strategists describe as the gray zone, which serves as the battlefield where adversaries use cyberwarfare, information warfare, and infrastructure attacks to wage war without initiating conventional military conflict.
Cyber ​​operations in this context target the following systems:
- cloud infrastructure
- communication systems
- data storage network
- digital public infrastructure
The purpose of these attacks is to degrade national defense capabilities while avoiding the initiation of military hostilities. An effective response to the evolution of gray-zone warfare requires three essential components:
- institutional civil-military coordination
- public-private cooperation
- Nationwide Cyber ​​Security Strategy
Security of digital infrastructure should not remain the responsibility of private companies as it needs to become an essential part of the national defense strategy.
India is rapidly becoming one of the largest digital economies in the world through its substantial investments, with a focus on:
- artificial intelligence
- digital public infrastructure
- cloud computing
- hyperscale data center
To accelerate this transformation, India needs to achieve full security of its cyber borders as the current cyber operating environment becomes more dangerous. The world is experiencing an increase in hostile cyber operations targeting infrastructure and India needs to implement stronger security measures to protect its digital backbone.
Legal classification of data centers as strategic assets and critical infrastructure is a fundamental requirement for enhancing national cyber resilience. Recognition of this situation will enable to achieve the following results:
- strong regulatory oversight
- advanced security standards
- Security infrastructure that connects to national defense systems
- Priority security during crisis
Data centers need the same legal protections that critical infrastructure laws provide to hospitals, power grids, and transportation systems.
The security of computer networks does not provide adequate protection against hybrid warfare, which targets data center facilities through physical attacks. The current security challenge presents a variety of modern threats, including:
- drone based attacks
- sabotage action
- terrorist activity
- insider threat
- Coordinated Cyber-Physical Disruption
To address these risks, governments and infrastructure operators must implement advanced physical security architectures, including:
- Anti-Drone Detection and Interception System
- AI-enabled monitoring system
- multi-layered perimeter security
- Flexible power and cooling systems
- Geographically distributed backup infrastructure
The need to protect digital services during geopolitical conflicts establishes the need for these protective measures.
The advancement of technology requires the continued development of both technology law and public policy. The legal system needs to establish rules that will deal with the following three areas of cybersecurity protection:
- Development of military capabilities to defend against cyber attacks
- Creating standards that will protect critical systems
- Establishment of national control over data protection measures
- Development of communication protocols between government bodies and private sector companies
The security of digital infrastructure depends on technology lawyers, policy makers, and security experts creating the necessary governance framework.
The Domain Name System (DNS) is a vital element of the Internet that translates domain names into IP addresses, facilitating digital interactions across different regions. Due to its critical function, the DNS has become a target in cyber warfare, where malicious actors can engage in DNS hijacking, cache poisoning, DDoS attacks, and domain manipulation, causing significant disruption to services such as finance and communications. To keep DNS secure, it is important to strengthen its resiliency and this includes implementing DNS Security Extensions (DNSSEC), building secure infrastructure, and increasing monitoring for threats. Integrating DNS security within national cybersecurity strategies is essential to maintaining strong defenses against cyber threats, requiring collaboration between government, service providers, and data center operators. Recognizing DNS as a strategic asset helps nations better protect themselves from contemporary cyber challenges.
West Asia has experienced a geopolitical dispute, indicating that data centers have become essential targets in contemporary hybrid warfare. Iranian drones launched attacks on multiple Amazon Web Services (AWS) data centers located in the United Arab Emirates and Bahrain on March 11, 2026, during a regional conflict involving Iran and the US and their allies. Reports indicate that two AWS facilities in the UAE were hit by direct attack, while a third facility in Bahrain was damaged by a drone strike in its vicinity. The attacks resulted in structural destruction, power outages, and water damage, which occurred because fire-suppression systems were activated at all facilities. The situation caused service disruptions for many cloud services in the region.
These incidents represent the first known example of military operations that targeted a global technology company’s hyperscale cloud systems. The strikes disrupted essential services that businesses, financial institutions, and digital platforms depend on as they use AWS cloud infrastructure. Data center attacks demonstrate that they can cause operational disruptions that impact many sectors of the digital economy.
Analysts found that the attackers targeted specific locations because their actions demonstrated new methods of conducting warfare. Data centers now serve as critical military and economic assets as organizations use artificial intelligence systems, digital services, and cloud infrastructure as essential components of their operations.
This incident demonstrated the fundamental weakness of cloud computing because cloud services operate as decentralized systems that rely on physical data centers located in specific geographic locations. Hyperscale providers’ systems enable them to build security through their geographic distribution across different regions, as well as the creation of multiple availability zones.
The Gulf incident serves as an essential warning system for both cybersecurity experts and government officials who make policies. National security strategies must prioritize data center security as countries increase their investments in artificial intelligence and digital public infrastructure and hyperscale cloud ecosystems. If cyber resilience, physical security and public-private partnerships and other security frameworks are not prioritized on a larger scale, digital infrastructure will become an attractive target for future geopolitical conflicts.
The world is entering an era where cyber and information warfare are becoming defining features of geopolitical competition. At the same time, societies are becoming deeply dependent on AI-powered, data-center-driven digital ecosystems that serve as their essential technological infrastructure. Infrastructure systems will become strategic vulnerabilities that security systems cannot handle if they remain unsecured during emergencies or war.
To address this challenge, nations should rely on the following recommendations:
- The national cyber security strategy needs to recognize data centers as essential national infrastructure.
- The organization needs to enhance both its digital defense systems and physical security measures.
- The organization needs to implement cybersecurity strategies that include all parts of the national defense system.
- The organization needs to develop coordination systems that will allow military and civilian organizations to protect critical infrastructure.
- Taking inspiration from Australia’s e-Security Commissioner, India should establish an independent statutory Cyber ​​e-Security Commissioner dedicated to protecting citizens and institutions from cyber threats. Securing digital infrastructure is no longer just a technical challenge – it is a national security imperative for the 21st century.
(Views expressed are personal)
This article is written by Major Vineet Kumar, Founder and Global President, Cyberpeace.
