Amazon has confirmed that several physical facilities of Amazon Web Services (AWS) in the Gulf have suffered damage from drone attacks, an event that has caused a significant interruption in multiple cloud services. According to the company, three centres in the United Arab Emirates and another in Barein were affected, and the impact still leaves numerous applications and tools with degradation or no service.
The reported effects are not limited to electronics: structural damage, power cuts and emergency responses also caused water damage, a combination that complicates and slows the recovery. AWS has published status updates with information on the affected regions and the availability areas involved; official notices are available on the AWS status page. here.
From the operational point of view, Amazon specifies that in the Middle East region (UAE) - ME-CENTRAL-1 - there are at least two areas of availability with significant damage, while in Middle East (Bahrain) - ME-SOUTH-1 - there is a localized impact on electricity supply. The company is working to repair the physical infrastructure while exploring recovery routes that depend more on the software and less on the facilities being fully operational again.
This attack takes place in a tense geopolitical context: media and analysts point out that it could be framed in a chain of reprisals between various actors in the region. Although full attribution and motivation may take time to be confirmed and require caution, some reports connect these actions with responses to previous military operations in Iran. In order to monitor developments in the international situation and its coverage, it is worth reviewing the reports of recognized press agencies. Reuters or BBC.
The interruption highlights an uncomfortable reality: the cloud, however virtual it seems, depends on specific physical infrastructures that can be vulnerable in conflict scenarios. For many companies, this has been a hard reminder that resilience is not only a software issue, but also a geographical design, recovery procedures and data residence decisions..
In its public communication, AWS has urged affected customers to activate their disaster recovery plans, restore from remote copies and, where possible, redirect traffic to unaffected regions - for example, in the United States, Europe or Asia Pacific, according to latency needs and legal data requirements. If you need guidance on cloud support and recovery strategies, AWS maintains documentation on disaster recovery practices and multi-region architecture that is useful as a starting point: AWS Disaster Recovery and information on its global infrastructure Regions & Availability Zones.
In addition to the physical impact, tensions in the region have raised warnings about digital risks: authorities such as the United Kingdom National Cyber Security Centre (NCSC) have warned of an increased risk of cyber-attacks linked to regional escalation. Organizations, especially those with operations or units in the Middle East, should monitor official warnings and strengthen basic defensive measures and contingency plans. The NCSC portal for current guidance and alerts is available at ncsc.gov.uk.
For technical teams and business managers there are several practical lessons: review and test recovery plans, maintain cross-region replications, and validate that migration and restoration procedures work under pressure. It is also a good time to assess the dependence on a single supplier or a single geographical area, and consider strategies that combine redundancy, service level agreements and regular failure simulation exercises.
Finally, beyond technical solutions, this episode highlights a major challenge: to live in an age in which critical infrastructure can be a direct target in geopolitical conflicts. The cloud facilitates innovation and scalability, but does not exempt it from physical and strategic risks. Companies must balance the comfort of centralization with the prudence of diversification and preparation.
Monitoring the official communications of suppliers and security agencies, keeping contingency plans up to date and practicing recovery are steps that now make the difference between a minor interruption and a business continuity crisis. For official sources and updates, using the channels mentioned above is a good practice while clarifying the total scope of the incident.
Safety alert Drug critical vulnerability of SQL injection in PostgreSQL requires immediate update
Drucal has published safety updates for a vulnerability qualified as "highly critical" which affects Drumal Core and allows an attacker to achieve arbitrary SQL injection in sit...
18-year-old Ukrainian youth leads a network of infostealers that violated 28,000 accounts and left $250,000 in losses
The Ukrainian authorities, in coordination with US agents. They have focused on an operation of infostealer which, according to the Ukrainian Cyber Police, was allegedly adminis...
RAMPART and Clarity redefine the safety of IA agents with reproducible testing and governance from the start
Microsoft has presented two open source tools, RAMPART and Clarity, aimed at changing the way the safety of IA agents is tested: one that automates and standardizes technical te...
The digital signature is in check: Microsoft dismands a service that turned malware into apparently legitimate software
Microsoft announced the disarticulation of a "malware-signing-as-a-service" operation that exploited its device signature system to convert malicious code into seemingly legitim...
A single GitHub workflow token opened the door to the software supply chain
A single GitHub workflow token failed in the rotation and opened the door. This is the central conclusion of the incident in Grafana Labs following the recent wave of malicious ...
WebWorm 2025: the malware that is hidden in Discord and Microsoft Graphh to evade detection
The latest observations by cyber security researchers point to a change in worrying tactics of an actor linked to China known as WebWorm: in 2025 it has incorporated back doors ...
Identity is no longer enough: continuous verification of the device for real-time security
Identity remains the backbone of many security architectures, but today that column is cracking under new pressures: advanced phishing, real-time proxyan authentication kits and...