Iran Targets US Tech Firms as AWS Infrastructure Is Damaged

AWS’ infrastructure has reportedly been hit by Iranian missiles, in what would mark the first known strike on a hyperscale data centre following public threats from Iran’s Islamic Revolutionary Guard Corps earlier this week, according to the Financial Times. 

The incident underscores a dangerous new phase in which commercial cloud infrastructure becomes a battlefield target, blending kinetic and cyber risk in ways the industry has long feared.

The details

The reported attack follows an IRGC warning carried by Tasnim News Agency on X that named 18 US government and major technology firms as potential targets: Apple, Boeing, Cisco, Dell, G42, GE, Google, HP, IBM, Intel, JP Morgan, Meta, Microsoft, NVIDIA, Oracle, Palantir, Spire Solutions and Tesla. 

Amazon was not on that list, but Iranian Shahed drones previously struck two AWS data centres in the UAE on 1 March, according to multiple reports.

The Independent described the March attacks as the first time a nation had deliberately targeted commercial data centres during wartime.

Since the latest reported strike, AWS has been updating its Service Health Dashboard with details of ongoing disruptions in its Bahrain-based region. The company first flagged issues there last week, the second time in a month that its Middle East operations have been affected by the conflict. 

Following the March incident, AWS said 73 services were impacted; as of today, 34 have been resolved. 

In its latest guidance, AWS is advising customers with workloads in the Middle East to migrate to alternate AWS Regions and is offering assistance on selecting destinations, including regions in the US, even as Iranian messaging has explicitly framed US tech companies as targets.

CNBC reports that a Telegram channel affiliated with the IRGC declared 18 tech companies to be “legitimate targets,” saying: “From now on, for every assassination an American company will be destroyed.” 

A related IRGC statement warned that the companies “should expect the destruction of their respective units in exchange for each terror act in Iran, starting from 8pm Tehran time on Wednesday, April 1.”

The US response

US officials have responded with heightened security posture. 

The US State Department has warned American citizens in Saudi Arabia to shelter in place while it monitors potential threats, while the US Embassy in Saudi Arabia issued a travel advisory noting that hotels, businesses and educational institutions may be potential targets. 

In a televised address, President Donald Trump said the US would respond forcefully, stating: “Very shortly, we are going to hit them extremely hard over the next two to three weeks.”

What it means for tech

The broader implications for the technology sector are significant. 

The IRGC’s assertion that “every assassination” will trigger the destruction of an American company signals an escalation that places critical commercial infrastructure within the crosshairs of state-linked actors. 

Hyperscale facilities concentrate compute for cloud, AI and enterprise services, making them attractive targets whose disruption can ripple across supply chains, customer-facing applications and national critical functions.

For cloud customers, the episode reinforces long-standing architectural guidance. 

Enterprises running in the Middle East should evaluate immediate failover to non-adjacent regions and verify that identity, DNS, logging and observability stacks are not hardwired to a single geography. 

Backup and recovery plans need to be tested under real-world assumptions, including loss of a full region and prolonged network constraints.

Where feasible, core workloads should have a clear path to run in a secondary cloud or on-premises environment to reduce provider concentration risk. 

Just as importantly, incident communication plans should be updated so business stakeholders understand recovery time and recovery point expectations during extended regional outages.

Note: This is a developing story. Details are based on reporting from CNBC, the Financial Times, the Independent and Tasnim News Agency. We will update as more information becomes available.