Amazon Web Services (AWS) says several of its data centres in the United Arab Emirates and Bahrain were damaged by recent drone and missile strikes, disrupting cloud services and creating a long, physical recovery process. The company reported direct hits on two UAE facilities and a nearby strike in Bahrain that impacted infrastructure.
AWS told customers the strikes caused structural damage, interrupted power delivery to affected infrastructure, and in some cases triggered fire suppression systems that produced additional water damage. The company is working to restore services but warned recovery will be prolonged because of the physical harm to sites.
Earlier reports from AWS indicated that unidentified “objects” sparked a fire at a UAE cluster, prompting authorities to cut power to a group of data centres; initial restoration had been expected to take at least a day. The outage knocked out about a dozen core AWS cloud services, and AWS advised customers to back up critical data and shift workloads to unaffected regions where possible.
Sources familiar with the outage told Reuters that financial institutions using AWS experienced disruptions. Abu Dhabi Commercial Bank reported its platforms and mobile app were unavailable amid a region-wide IT disruption, though it did not explicitly link the outage to AWS.
The strikes come as major US cloud providers have been expanding infrastructure in the Gulf. Microsoft, for example, has said it will expand investments in the UAE and uses Nvidia chips for local data centres; Google and Oracle also operate facilities in the country. Representatives from those companies did not immediately comment on the AWS incident.
Security analysts say the attack underscores a shifting risk landscape. A Washington think tank warned that in today’s compute-driven economy, adversaries that once focused on pipelines, refineries and oil fields may increasingly target data centres, the energy systems that power compute, and critical fiber links.
Impact and implications
– Short-term: Customers dependent on the affected AWS regions faced degraded or unavailable services and were urged to move critical operations to other regions and ensure backups.
– Financial services: Banks and payment platforms that rely on cloud providers are particularly vulnerable to region-wide outages, raising operational and financial risk.
– Long-term: The incident highlights physical vulnerability of concentrated compute infrastructure and may prompt cloud providers, governments and customers to reassess redundancy, geographic distribution and hardening of critical sites.
AWS continues remediation and recovery efforts at the damaged sites. Cloud customers and regional operators are monitoring the situation as teams work to repair physical damage and restore normal service levels.
