On February 28, Iranian ballistic missiles struck targets across the Gulf Cooperation Council states hitting the UAE, Bahrain, Qatar, Kuwait, Oman, and Saudi Arabia in retaliation for joint U.S.-Israeli strikes on Iran, which killed Tehran's Supreme Leader. The Gulf states did not choose this fight. They poured enormous diplomatic capital into preventing it. But they absorbed its consequences, and those consequences landed squarely in the middle of the most ambitious AI infrastructure buildout outside the United States. The ongoing conflict between Israel, the United States, and Iran underscores what the commercial optimism of the past two years in the GCC often wants to forget, namely that Gulf AI ambitions are inseparable from the stability of the broader Middle East, and that stability can collapse overnight.
The stakes are already operational. The GCC data center market reached $3.48 billion in 2024 and is projected to hit $9.49 billion by 2030. Last May, the United States and UAE unveiled a 5-gigawatt AI data center campus in Abu Dhabi — the largest outside the United States, eventually spanning 10 square miles. Abu Dhabi has committed $3.54 billion in digital infrastructure through its Digital Strategy 2025–2027 and aims to become the world's first fully AI-native government by 2027. The TAMM platform, powered by Microsoft Azure and G42, already delivers 950 government services to 2.5 million residents, processing over 10 million transactions a year — healthcare access, license renewals, utility payments, traffic fines. These systems serve real populations in real time. This week, they sat directly in the path of Iranian missiles following Israeli-American strikes.
Assessing the Physical Stack
Some in Washington have highlighted that Gulf AI deployment raises important questions that serve as a necessary starting point for assessing the physical security risks facing AI infrastructure in the region. Mona Yacoubian and Samuel Zabin at CSIS argued this week that regional adversaries could target data centers, energy infrastructure supporting compute, and undersea cable chokepoints just as they have long targeted petroleum facilities in the UAE and Saudi Arabia. Sam Winter-Levy, with Chris Chivvis, previously warned in the Washington Post that drone threats make the UAE and Saudi Arabia dangerous homes for critical AI data centers. Winter-Levy has also cautioned repeatedly that concentrating U.S. compute capacity in the Gulf introduces strategic vulnerabilities that policymakers have not adequately addressed.
Their analyses provide a good starting point for assessing the security risks to AI infrastructure, especially the risk of exposure to kinetic strikes. The unfolding conflict in the Persian Gulf moves the conversation from theoretical to an empirical reality now that Iranian missiles and weaponized drones have targeted all of the Gulf countries, with the exception of Oman. Airspace is closed across the Middle East. Maritime chokepoints are now under threat of closure, including the Straits of Hormuz and potentially, the Bab al Mandeb. What does the current conflict reveal about the specific vulnerabilities in the physical AI stack and what must change in how the Gulf builds, defends, and operates its future AI ecosystem?
Lessons from the Current Conflict
Defense integration must come first, not last. The most consequential lesson from this week has been the resounding importance of defense integration across the GCC. The UAE intercepted Iranian ballistic missiles with its air defense systems. Qatar successfully thwarted multiple attacks targeting its territory. Gulf states possess sophisticated, layered air defense architectures, and those systems performed under live fire. The physical AI stack is no more inherently vulnerable to ballistic missiles than an oil refinery or a desalination plant, both of which Gulf states have long defended as critical national infrastructure. The operational question is whether data centers are being integrated into those existing defense umbrellas or treated as commercial real estate outside the security perimeter. A 5-gigawatt campus housing hundreds of thousands of advanced Nvidia chips, processing sovereign government data, and delivering public services to millions of residents is a national security asset which demands the same dedicated layered defense — missile interceptors, counter UAS systems, and more — that Gulf states already deploy around their energy and water infrastructure. Defense integration cannot be viewed as a "nice to have". For the physical stack to survive the threat environment this week laid bare, it has to be a foundational design principle integrated into the stack.
Concentrated infrastructure invites concentrated risk. The economics of hyperscale AI tend to push states toward establishing AI hubs which concentrate massive power supply, cooling capacity, and fiber connectivity co-located in a single campus to maximize efficiency. The Abu Dhabi mega-campus is a good example. But overconcentration raises the potential that a single strike can create layered damage to the AI stack. A successful strike on a hyperscale data center complex running critical government inference workloads would both destroy critical hardware but potentially sever the digital layer through which states deliver public services, process sensitive commercial transactions, and manage sensitive government data. Abu Dhabi's TAMM platform has already reduced offline government interactions by 90 percent. If the AI systems behind that platform go down, the government's ability to serve its population degrades in real time. That same lesson goes for all national AI systems employed in GCC countries. This requires more strategic thinking about the design and construction of AI infrastructure design, including geographically distributed inference nodes, mirrored workloads, and the ability to failover critical services to out-of-theater backup in minutes if there is a targeted strike. Redundancy is important, expensive, and non-negotiable.
Connectivity chokepoints are as vulnerable as the facilities they serve. A data center without network connectivity is an expensive, air-conditioned room full of expensive silicon technology. The Gulf's fiber optic infrastructure funnels through a narrow set of maritime corridors — the Strait of Hormuz and the Bab al-Mandab — that are now under active threat. Four undersea cables in the Red Sea were cut in 2024, disrupting roughly a quarter of internet traffic between Asia, Europe, and the Middle East. The potential for sabotage of undersea infrastructure are likely to become higher risks the more important AI becomes in the Gulf.
Even if every data center in the Gulf survives a future conflict unscathed, severing or degrading the connectivity infrastructure that link them to global networks and to each other would cripple inference delivery, isolate cloud environments, and interrupt real-time data flows critical for the continuity of AI-powered services. The physical stack covers the entire network topology from facility to end user. Redundant overland fiber paths, satellite-based backup connectivity such as low-earth orbit constellations, and diversified cable landing stations are critical for any AI deployment to be resilient against the kind of escalation the Gulf is experiencing at the moment.
Energy supply must be treated as a wartime planning problem. Data centers consume enormous quantities of electricity, and the Gulf's pitch to hyperscalers rests on abundant, cheap energy. But energy infrastructure in the region has been a target of Iranian and proxy attacks for years, from the Abqaiq strikes in 2019 to repeated Houthi attacks on Saudi facilities throughout the Yemen war. Backup generators at a data center may buy hours of continuity, but they are a poor substitute for grid access during a sustained military campaign, which is precisely what the Gulf now faces. The 5-gigawatt Abu Dhabi AI campus alone would consume enough electricity to power a major city. That is not a facility which can run on diesel. If the power grid feeding a hyperscale campus suffers power losses, the disruption cascades directly into the AI services running on that campus, then from there into the government functions, commercial operations, and civilian services that depend on uninterrupted inference. Gulf states normally plan energy resilience for their petroleum exports in terms of strategic reserves measured in months. They should apply the same logic to the power systems supporting their AI infrastructure. In other words, they will need to establish dedicated generation capacity, fuel reserves, and physical separation between the energy assets serving data centers and those serving broader industrial grids, so that a strike on one does not cascade into the other.
The security environment is structurally volatile, and AI architecture must internalize that reality. U.S. commercial actors exploring the Gulf as an off-shore option for U.S. data centers must now come to terms that the physical stack cannot be designed around assumptions of sustained regional stability. All of the commercial optimism of 2025 generated by Trump's Gulf tour, the mega-deals, the sovereign cloud announcements unfolded in a matter of hours. Any AI infrastructure built on the assumption that the security environment has permanently improved will prove as fragile as the diplomacy that preceded this week's strikes.
Gulf AI planners need strong baseline requirements for operating in a volatile region. Critical AI facilities should be built to survive kinetic strikes, not just cyberattacks. AI workloads may need to be run across multiple sites distributed across a geographic region, so that destroying one facility degrades service rather than kills it. Essential government functions which currently rely on AI systems — visa processing, healthcare, emergency response, financial transactions — should retain traditional non-AI backup systems, so that a prolonged outage does not leave millions of residents unable to access basic services. And Gulf states should embed legal frameworks in their existing contracts with hyperscalers and cloud providers that allow critical AI systems to be shifted to secure facilities in allied countries within minutes of a disruption — locking in the technical infrastructure, data transfer protocols, and operational authorities needed to execute that shift before a crisis, not during one.
Built to Survive
The ongoing Iran conflict and its deadly impact on the GCC does not invalidate Gulf AI ambitions. But it is a stark reminder that regional threats must shape how these states build their AI ecosystems, not just what they build. The Aramco precedent cuts both ways. The 2019 attack demonstrated that concentrated critical infrastructure in the Gulf can be struck with devastating effect — drone and cruise missile strikes knocked out 5.7 million barrels per day of Saudi crude in a single morning. But Aramco's recovery showed that redundant capacity, operational depth, and strategic reserves can contain and reverse the damage. The AI sector needs to absorb both halves of that lesson. Gulf states know their threat environment. They have worked with the United States to defend their territory under fire for decades, and their air defense systems proved themselves again this week. The challenge now is to ensure that the digital infrastructure they are building commands the same strategic protection they have long afforded their energy assets. If compute is truly the new oil, it deserves the same defenses.