Mar 17, 2026
3 min read
The cyber attack parallels the military attack on Iran and shows that the current conflict is increasingly combining the operational and digital dimensions.Analysis by Anna Calabrese, geopolitica.info
According to the contemporary strategic context, characterized by growing hybrid competition and conventional military operations that are increasingly intertwined with activities in the cyber and information field, dynamic joint military action against Iran by the United States and Israel includes sophisticated and highly intrusive cyber operations.According to various international sources, in the hours following the US-Israeli dynamic attack, a significant reduction in national communication was recorded in Iran, as well as daily Iran Various information sites and platforms used were also hacked, as well as apps.Among the targeted services, the disruption of which also represents symbolic significance, is BadeSaba, a religious application that is very popular in the country and, according to some observers, particularly widespread among government supporters.At the same time, in the wider logic of Info Ops to support military operations in the field, several newspapers have been subject to interception and manipulation of content, possibly to spread alternative messages or propaganda.
The cyber aspect of the confrontation with Iran
Iran's response did not take long.In the days leading up to the attack, threat intelligence firms reported on the nefarious activity of parastatal hacker groups linked to Tehran's ecosystem.In particular, well-known and productive companies seemed to be operating in operational configurations or pre-positioning networks that were already at risk.Apt34 is responsible for numerous cyber espionage operations against government institutions and strategic infrastructure in the Middle East, particularly in Israel.
The group was also linked to an attack in 2018 that affected some of the Italian company Saipem's critical infrastructure located in the Middle East.At the same time, the Cyber-Islamic Resistance Coalition launched a campaign of DDoS (Distributed Denial of Service) attacks against suppliers and logistics chains linked to Israeli and US military complexes.
Although one might suspect that the temporary breakdown of connectivity infrastructure in recent days might reduce Tehran's remaining ability to carry out attacks in the digital domain, the structure of cybercrime is in fact quite resilient.Before targeting networks are located, the operation of nodes and infrastructure outside the country's territory and the network support of proxies and related groups contribute to the effectiveness of cyber attacks.
The cloud is the most important infrastructure of modern warfare
A concrete example of this dynamic was the March 3 attack that hit some Amazon Web Services data centers in the United Arab Emirates. The operation, which was carried out with unmanned drones, caused structural damage and power outages in the buildings involved.It was reported that another place in Bahrain suffered similar physical damage.The episode is a good starting point not only to analyze the impact that the disruption of a cloud service can have in the context of the conflict, but also to shed light on the issue of European technological superiority in light of the vulnerability inherent in digital interconnection.
The analysis of the impact of Amazon's cloud service disruption on the conflict region can proceed along three lines.
First, the whole area comes out.The ARS architecture is organized into zones and access zones, which are groups of separate data centers equipped with independent and redundant power, network and connectivity.When one of these components is affected, users in the affected country are not available.In this particular case, many factories have been established outside the Persian Gulf, which has directly affected businesses and users in the area.Second, the impact on international platforms should be considered in terms of distribution systems.When there is no cloud area, the traffic is often returned to other areas such as Europe or the United States, which must include a large load of applications.This type of redundancy ensures the continuity of work, but as a result may be slightly reduced in operations or delays in services.Finally, the article presents a geopolitical and strategic perspective.Although cyberspace is often thought of as a non-profit sector, the digital economy, and therefore the security of the cyber network, depends on a highly secure infrastructure.The data centers of hyperscalers are inhabited: financial services, e-commerce platforms, government systems, digital health systems, business applications and advanced artificial intelligence models.
A physical data center attack, therefore, is not the same as an IT service disruption.It can create a systemic economic impact, disrupting the digital platforms that thousands of businesses and governments depend on.This phenomenon calls for a broader reflection on the current state of conflict.While attacks in the digital domain through malware or computer intrusions are common, distributions like the one in the Gulf offer further developments: the cloud infrastructure itself becomes a physical target, for example.ports, oil pipelines or power plants.In other words, the conflict affects not only the network, but the foundation of the digital economy.The cloud, often thought of as a virtual infrastructure, actually includes data centers, cables, cooling systems.Clouds are nothing but clouds, one might say, but they live and evolve within material, concrete, and structural boundaries.
This transition raises another question about Europe.On the one hand, the rising tensions in the Middle East may indirectly affect infrastructure, organizations and technology supply chains linked to the region.On the other hand, the increasing centrality of the cloud requires reflection on European digital sovereignty.In a context characterized by strong global interconnections, sources of opportunity, innovation and growth, new forms of vulnerability and interdependence also inevitably emerge.
The European Dilemma of Cloud Sovereignty
It is precisely to reduce these problems that many developing countries are accumulating the creation of local and political organizations.The AWS European Sovereign Cloud project is in line with this vision, a new development created by Amazon Web Services that will be available from 2026. in January to meet European digital sovereignty and data protection needs. This purpose aims to ensure that sensitive information and important European services can continue to operate even in the face of conflictsgeopolitical.
The project provides an infrastructure physically located in the EU, with the first core in Germany, operated by European employees and equipped with separate governance compared to other AWS regions.Customer data remains within European borders, while access to data centers and day-to-day operations are delegated to EU-based employees subject to European law.The corporate governance structure is also based on legal entities registered under German law and overseen by an advisory board made up of EU citizens.
This architecture responds to three key European strategic concerns.First, data sovereignty, that is, the ability of governments and organizations to ensure that sensitive information in sovereign and sensitive sectors such as healthcare, defense or public administration remains within European jurisdiction.Second, geopolitical resilience, as the infrastructure is designed to operate on its own in isolation from the rest of the global AWS network.Finally, support for highly regulated sectors such as finance and public administration that require high levels of security and regulatory compliance.
However, the legal issue is still difficult.Although the legal structures are under European law, including the General Data Protection Regulation (GDPR) and the national regulations of member states, the provider remains a US company.This brings up a potential conflict with the US CLOUD Act, an American law that allows US authorities to request data from US companies even if such data is stored abroad.The result is a conflict of control between two legal principles: on the one hand the protection of personal data, guaranteed by European law applicable in the areas of system installation, on the other hand the rights granted by US law.These disputes were at the center of the famous Schrems II decision, in which the Court of Justice of the European Union removed the Privacy Shield data exchange system between the EU and the United States in 2020: the agreement gave more access to the data of US intelligence officials, which did not meet the European standard.
To reduce these inconsistencies, AWS introduced a functional separation system, European management and local control of cryptographic keys.The stated purpose is to prevent direct access to data by US parent companies and to evaluate government requests within the framework of European law.Despite these guarantees, the debate about the true independence of these infrastructures is still open.The market environment helps make the issue more relevant.97.2% of cloud services in the field are provided by US (83.7%) or Chinese (13.5%) hyperscalers.European suppliers remain in the corner with a global share of no more than 2.8%.Therefore, the European Commission launched an initiative to strengthen digital sovereignty in the continent, investment in data centers, interoperability standards and the development of secure cloud infrastructure for public administration and critical data.In fact, by 2025, Brussels has proposed a plan to triple the capacity of EU data centers, focusing on sustainability, security and reducing dependence on non-EU hyperscalers.
In the private sector, the sector's main operators are modifying their offers in response to European requests.For example, Microsoft developed the Ee Data Borders project and announced the expansion of data residency capacity in the European Union in 2025 and the completion of infrastructure that includes more than $20 billion in investments in European data centers and artificial intelligence infrastructure.However, even in this case, legal and strategic issues still remain.At a hearing in the French Senate, Microsoft France's head of legal affairs acknowledged that the company cannot fully guarantee that its European data will be free from possible requests from US authorities.
At the beginning of this dynamic, the Iranian case and the attack on cloud systems in the Persian Gulf provide an opportunity for a broader analysis.The growing integration between the physical and digital aspects of conflict shows that the cloud can no longer be considered a simple technology to help the economy.It is an important part of current power structures that can strengthen the economy, political stability and capacity of states.The attack in the Persian Gulf confirms that cyberspace is not the arm of business, apart from its dynamics and phenomenology, but a direct extension of strategic systems.For the EU, this result is related to the direct result: digital power cannot be limited to a data protection or hub.It is not possible to leave the independent authority in the ability to control, protect and strengthen the systems that support the digital economy of the country.In the context of growing geopolitical competition and hybrid conflicts, full reliance on non-European hyperscalers shows not only technical weakness but also potential cyber risk.Strengthening Europe's access to the cloud and high-tech sector is not simply a business choice or regulation, but a matter of security and independent planning.
