Data centers are such great targets in modern warfare. A few cheap drones can inflict billions in damage with low direct casualties (if the attacker even cares). I have heard AWS in particular is secretive about the exact location of their data centers, but no doubt every major country knows exactly where they are.
Which is why peace and diplomacy is so important. The last thing we need is to be war hardening everything, which is likely impossible in this day and age.
They are not widely publicized but they cannot be entirely secret because when you use AWS Direct Connect you need to know where to do the work in. Not every AWS datacenter has Direct Connect, but any OSS intel person could do the work required. When you have sufficient incentive to know where (for instance, trading crypto) you will find out the difference between, say, a matching engine running in AWS's datacenter run by AT Tokyo or by Colt.
AWS does not publicize all of their stuff, true, but they have partner documentation, their partners are proud to be vendors to Amazon and will advertise, and there are old unlisted PDFs on the Internet. Besides, Amazon has thousands of employees and contractors and their families. This kind of thing is within reach of any human being with sufficient interest.
Some data centers are more valuable as targets than others. For example, those comprising us-gov-east-1 and us-gov-west-1 or, god forbid, us-east-1. I don’t expect it is a difficult task to find them and other critical infrastructure for a state, but probably more involved than popping open google maps.
That's a region. It's not only many buildings, it's many zones, each of which are many datacenters. A region is just a virtual partition for their services. A zone is a fault domain for their services, and a single zone is met by many datacenters, each of which can have many buildings. Or at the least, I know of at least one datacenter which has multiple buildings, that is within one zone that has multiple datacenters, that is within one region that has multiple zones.
Some Paris data centers are disguised as apartment buildings with the classic Hausmannian facade, and then you open up Google maps and see a ton of AC units stacked on the roof. These aren’t likely major cloud data centers mind you, and the motivation for concealing them has more to do with the city’s aesthetic codes than military defense.
They can typically operate indefinitely on diesel generators and have hot supply contracts with multiple suppliers. Even our small rinky dink datacenter had that.
So, it would generally be more effective to hit the actual datacenter than try to cut the power.
Several gulf state oil companies have declared force majeure on contracts they have to supply various customers due to the war. Good luck on getting diesel deliveries when things really hit the fan.
On the other side AMZN could have hired several RC plane hobbyists, fly them Emirates business class, put them into Burj Khalifa suites, fund several beefy jet, nitro or EDF planes for them (with jet getting as expensive as $5K), and have these guys on guard duty on the roof so they would take down any incoming drones (see Ukraine interceptor drones), and that would still be a pocket change compare to the datacenter damage. (of course somebody can get a startup going producing an automated container deployable unit consisting of like a 64 cell VLS with such interceptors plus radar plus optical - can be quickly deployed when necessary for example onto datacenters or say onto large ships navigating some treacherous waters )
More tech-y approach - AI (or even actual security guards) monitor the video cameras and once there are incoming drones, several MW of power can be redirected into those datacenter's large satellite dishes (more precisely - into very simple microwave generators installed on the dishes) and the dishes turned toward the incoming drones - the drones will get cooked in seconds, add the kitchen microwave sound effect.
> A few cheap drones can ...
It is temporary. The race is only starting. Soon you will have to have a hive of highly intelligent autonomous drones to have even slightest chance to make through a hive of highly intelligent autonomous interceptors, etc.
The government based defense departments are very slow and expensive though, while the extremely valuable targets like the datacenters belong to the transnationals and located across the world (and more and more in space). Thus the transnationals would have to take care of the defense of their assets themselves (or outsource it to other transnationals, like say imagine AWS providing air-defense-as-a-service), more efficiently and agile than the government defense departments. If you take a look at Palantir Karp's book "Technological Republic" you can read that between the lines there too.
Maybe. I used to use this about 20 years ago, trying to track down where the UK root servers were so I could increase my drop-catching. Get test accounts on as many hosting providers as possible, check hops and ping times, move on to the next one. It's not as accurate as you'd hope, though.
Big tech's love for cheap labor is a great mechanism for finding where all their most valuable assets are and mapping out any and all vulnerabilities. I imagine state actors are applying to any and all low paying jobs that have seemingly juicy job requirements and feeling out details during interviews. Even better if you offer to accept a salary far below standard rates and actually get the job.
While probably not a state agent, I've personally done online interviews with some people that were clearly lying about everything and trying to feel out details about the company. People claiming to live in our country and being citizens but having little ability with the language, saying they would love to come to our city but it's a bit far, saying they graduated from a major university but being unable to describe anything about the town (with their resume mentioning graduating from a different university, and their LinkedIn a different university from either), random people moving around and arguing in the background, all their work was with random crypto businesses that shut down within months. I had to stop my coworkers from saying too much. I had to convince them why hiring that person for remote work and giving them access to our servers was a bad idea. There are without a doubt companies giving similar people physical access to their hardware. And there are undoubtedly people who practice interviewing to better deceive companies.
You can be secretive all you want, but it's extremely difficult to hide massive heat exchanging systems and/or generators from aerial/space photography. Particularly at the scale of an AWS-like datacenter.
Building a fully camouflaged datacenter could be done at much greater cost, but you still can't hide its thermal emissions from infrared. Basically every watt hour used in a datacenter environment turns into waste heat ultimately rejected into the atmosphere (except for the 0.000000001% that leaves the facility as photons down a fiber), so if you have N megawatts of waste heat from a rectangular shaped building located on a 300 x 400 meter sized plot of land, it's going to stand out.
Geothermal exists, but you would have to take care to design accordingly and even then there are plenty of other ways for a state actor to locate you. It probably doesn’t make much sense to spend money trying to hide from state actors; it’s probably better to (1) avoid conflict prone areas to the extent possible and (2) make it expensive for an attacker to shut you down (use more smaller data centers within a sensitive region, put some of them underground, etc) or (3) accept the risk of data center disruption.
>> I wonder if you can uncover where the data center is just by using ping command.
Not exactly, but you can uncover cloud providers like Google and Azure, who forget to tell you, their "availability zones" are in the same data center ;-)
The relative lack of trucks is what would identify the data center. The only other buildings like that are warehouses, which have a lot more trucks going in and out relatively speaking.
That's some of how geolocation works. Ping can't go faster than the speed of light, so that gives you a circle for where something is. Ping from enough places and you can get a good enough idea, if you're the Iranian Guard or otherwise.
Also you have to remember the basics of statuspage messages: Its always just elevated error rates. Even when the error rate is elevated to 100%.
"We are observing elevated error rates when accessing objects stored in the affected region. Impacted customers may experience increased latency or intermittent failures while retrieving debris adjacent data." /s
I'm surprised this reportedly only affected 19 server racks. Some of the small FPV quadcopter strikes I've seen videos of have collapsed entire homes. Even if the structure is more resilient than a fragile home, I would have expected the blast from a larger long-range drone like a Shahed to damage more server racks than that.
It's either 100lb or 100Kg, with a direct hit on a dense centre, it would damage a lot of racks, but if it's oblique, or indirect, impartial, the damage could be less pronounced. They could also be misrepresenting by diminishing the damage as there's a lot of information suppression going on.
Yea it's hard to reconcile such a small number of affected racks with such a widespread impact though, so this must not be the whole story. They're talking about a half a year to restore the data center. It must be more than a roof repair and 19 racks.
Iran's Navy, Air Force, power plants, hospitals, colleges, universities and most importantly little girl's schools were obliterated in the first 42 minutes of Trump's war.
When I was working at AWS, which was a new service at the time, the example we often heard was a natural disaster or comet strike; would be what we were making our data centers redundant for. I don't think we were ever considered to be targeted during war and I'm sure they considered that they just didn't want to that affect that morale cost on the staff.
Three availability zones provides no protection against three ballistic missiles.
Region pairs are similarly totally ineffective against a mere six rockets.
No current missile defence system is effective against ballistic warheads reentering from space at hypersonic velocities.
Colocating thousands of businesses and hundreds of government agencies into a handful of hyperscale data centres is the text book definition of putting all of one’s eggs into a single basket.
If Iran’s attacks were more coordinated[1] they would have taken out all zones of every Middle East AWS, Azure, and GCP region. On top of the obvious direct damage to GCC nations it could have very likely permanently damaged the reputations of public clouds, possibly causing trillions in indirect economic damage to the United States.
[1] The theory is that the Iranian regime prepared for decapitation strikes by splitting their military into about thirty cells that can act independently.
Data centers are such great targets in modern warfare. A few cheap drones can inflict billions in damage with low direct casualties (if the attacker even cares). I have heard AWS in particular is secretive about the exact location of their data centers, but no doubt every major country knows exactly where they are.
Which is why peace and diplomacy is so important. The last thing we need is to be war hardening everything, which is likely impossible in this day and age.
your handle tho :D
Cheney is just salty that targets weren't hardened before he shot his friend in the face.
I thought we were doing "you cannot be tolerant with the intolerant" and "punch a nazi, where anyone who opposes illegal immigration is a nazi"m
They are not widely publicized but they cannot be entirely secret because when you use AWS Direct Connect you need to know where to do the work in. Not every AWS datacenter has Direct Connect, but any OSS intel person could do the work required. When you have sufficient incentive to know where (for instance, trading crypto) you will find out the difference between, say, a matching engine running in AWS's datacenter run by AT Tokyo or by Colt.
AWS does not publicize all of their stuff, true, but they have partner documentation, their partners are proud to be vendors to Amazon and will advertise, and there are old unlisted PDFs on the Internet. Besides, Amazon has thousands of employees and contractors and their families. This kind of thing is within reach of any human being with sufficient interest.
Just look on satellites for giant buildings with no cars or semi trailers parked in the parking lots.
I wonder if data centers will have to start doubling as automobile junkyards to conceal themselves.
Some data centers are more valuable as targets than others. For example, those comprising us-gov-east-1 and us-gov-west-1 or, god forbid, us-east-1. I don’t expect it is a difficult task to find them and other critical infrastructure for a state, but probably more involved than popping open google maps.
I've always wondered what "us-east-1" is, presumably it's more than just 1 building
That's a region. It's not only many buildings, it's many zones, each of which are many datacenters. A region is just a virtual partition for their services. A zone is a fault domain for their services, and a single zone is met by many datacenters, each of which can have many buildings. Or at the least, I know of at least one datacenter which has multiple buildings, that is within one zone that has multiple datacenters, that is within one region that has multiple zones.
The US government's security priority should be moving critical us-east-1 services into Cheyenne Mountain.
Probably cheaper to just take over 33 Thomas Street [1]
[1] https://en.wikipedia.org/wiki/33_Thomas_Street
That is not safe in the same way.
That is way more of a worse target than the existing us-east-1.
Some Paris data centers are disguised as apartment buildings with the classic Hausmannian facade, and then you open up Google maps and see a ton of AC units stacked on the roof. These aren’t likely major cloud data centers mind you, and the motivation for concealing them has more to do with the city’s aesthetic codes than military defense.
or less aesthetic versions https://en.wikipedia.org/wiki/33_Thomas_Street#/media/File:A...
Even that isn't a serious data center (on the level of national security concerns). Wall St is run from Mahwah, NJ.
Hell, you just need to hit a transformer or two to take it entirely down for days if not weeks
They can typically operate indefinitely on diesel generators and have hot supply contracts with multiple suppliers. Even our small rinky dink datacenter had that.
So, it would generally be more effective to hit the actual datacenter than try to cut the power.
Several gulf state oil companies have declared force majeure on contracts they have to supply various customers due to the war. Good luck on getting diesel deliveries when things really hit the fan.
Tell that to Delta's data center
On the other side AMZN could have hired several RC plane hobbyists, fly them Emirates business class, put them into Burj Khalifa suites, fund several beefy jet, nitro or EDF planes for them (with jet getting as expensive as $5K), and have these guys on guard duty on the roof so they would take down any incoming drones (see Ukraine interceptor drones), and that would still be a pocket change compare to the datacenter damage. (of course somebody can get a startup going producing an automated container deployable unit consisting of like a 64 cell VLS with such interceptors plus radar plus optical - can be quickly deployed when necessary for example onto datacenters or say onto large ships navigating some treacherous waters )
More tech-y approach - AI (or even actual security guards) monitor the video cameras and once there are incoming drones, several MW of power can be redirected into those datacenter's large satellite dishes (more precisely - into very simple microwave generators installed on the dishes) and the dishes turned toward the incoming drones - the drones will get cooked in seconds, add the kitchen microwave sound effect.
> A few cheap drones can ...
It is temporary. The race is only starting. Soon you will have to have a hive of highly intelligent autonomous drones to have even slightest chance to make through a hive of highly intelligent autonomous interceptors, etc.
The government based defense departments are very slow and expensive though, while the extremely valuable targets like the datacenters belong to the transnationals and located across the world (and more and more in space). Thus the transnationals would have to take care of the defense of their assets themselves (or outsource it to other transnationals, like say imagine AWS providing air-defense-as-a-service), more efficiently and agile than the government defense departments. If you take a look at Palantir Karp's book "Technological Republic" you can read that between the lines there too.
That's why the SWIFT backup data centers in Belgium are camouflaged as posh villas (or so i've heard)
I'm surprised they did not build them in a bunker or other hardened location. The region is not exactly known for its political stability.
Where's the next quarter margin in that?
If you really want to know where the data centers are, the local Uber drivers and pizza delivery folks are a great source.
Can't you use internet geolocation from a distributed botnet, and triangulation based on timing?
Maybe. I used to use this about 20 years ago, trying to track down where the UK root servers were so I could increase my drop-catching. Get test accounts on as many hosting providers as possible, check hops and ping times, move on to the next one. It's not as accurate as you'd hope, though.
Yes, and this could perhaps determine location within a few miles.
Big tech's love for cheap labor is a great mechanism for finding where all their most valuable assets are and mapping out any and all vulnerabilities. I imagine state actors are applying to any and all low paying jobs that have seemingly juicy job requirements and feeling out details during interviews. Even better if you offer to accept a salary far below standard rates and actually get the job.
While probably not a state agent, I've personally done online interviews with some people that were clearly lying about everything and trying to feel out details about the company. People claiming to live in our country and being citizens but having little ability with the language, saying they would love to come to our city but it's a bit far, saying they graduated from a major university but being unable to describe anything about the town (with their resume mentioning graduating from a different university, and their LinkedIn a different university from either), random people moving around and arguing in the background, all their work was with random crypto businesses that shut down within months. I had to stop my coworkers from saying too much. I had to convince them why hiring that person for remote work and giving them access to our servers was a bad idea. There are without a doubt companies giving similar people physical access to their hardware. And there are undoubtedly people who practice interviewing to better deceive companies.
You can be secretive all you want, but it's extremely difficult to hide massive heat exchanging systems and/or generators from aerial/space photography. Particularly at the scale of an AWS-like datacenter.
Building a fully camouflaged datacenter could be done at much greater cost, but you still can't hide its thermal emissions from infrared. Basically every watt hour used in a datacenter environment turns into waste heat ultimately rejected into the atmosphere (except for the 0.000000001% that leaves the facility as photons down a fiber), so if you have N megawatts of waste heat from a rectangular shaped building located on a 300 x 400 meter sized plot of land, it's going to stand out.
Wouldn't it be possible to pipe away the heat to the next city and use it as heating there? That way the heat emissions wouldn't be as noticeable
A project of that size is gonna be even harder to conceal.
> except for the 0.000000001% that leaves the facility as photons down a fiber
Realistically you're getting photons returned too.
Geothermal exists, but you would have to take care to design accordingly and even then there are plenty of other ways for a state actor to locate you. It probably doesn’t make much sense to spend money trying to hide from state actors; it’s probably better to (1) avoid conflict prone areas to the extent possible and (2) make it expensive for an attacker to shut you down (use more smaller data centers within a sensitive region, put some of them underground, etc) or (3) accept the risk of data center disruption.
I wonder if you can uncover where the data center is just by using ping command.
It could give you a rough idea, but it's far from precise. The delay added by a single router could throw you off by several KM.
It's much more effective to just go through satellite imagery and land title records.
https://www.wolframalpha.com/input?i=0.01+ms+at+speed+of+lig...
>> I wonder if you can uncover where the data center is just by using ping command.
Not exactly, but you can uncover cloud providers like Google and Azure, who forget to tell you, their "availability zones" are in the same data center ;-)
As long as they're on opposite sides so the same Shahed missile doesn't hit them both.
You can find data centers by looking for hvac units in satellite photos.
You can make a few phone calls. Maintenance is not avoidable until boston dynamics figure out how to clean the toilets at least.
Probably also grid connections like size of transformers and if there is prominent number of trucks going in and out.
The relative lack of trucks is what would identify the data center. The only other buildings like that are warehouses, which have a lot more trucks going in and out relatively speaking.
In rural areas maybe. But plenty of data centres are in cities too. And European cities are not generally known for an abundance of parking spaces.
The giant kilometer by kilometer hyperscaler data centers aren't in cities.
Actually sometimes they are.
For example Lakeside Technology Center in Chicago
Or Telehouse in London
That's some of how geolocation works. Ping can't go faster than the speed of light, so that gives you a circle for where something is. Ping from enough places and you can get a good enough idea, if you're the Iranian Guard or otherwise.
"Stops billing" makes it sound generous. If those regions can't run customer apps, not charging for them is just the minimum.
IDK your S3 data may be fine, they're still incurring the cost to store it on those drives - even if they're buried in rubble /s
There is already a S3 storage class for that: Amazon S3 Glacier Deep Archive
Also you have to remember the basics of statuspage messages: Its always just elevated error rates. Even when the error rate is elevated to 100%.
"We are observing elevated error rates when accessing objects stored in the affected region. Impacted customers may experience increased latency or intermittent failures while retrieving debris adjacent data." /s
At least the war itself is over:
https://www.politico.com/news/2026/05/01/trump-congress-war-...
Now, about those fuel prices...
There is no war in U-S-Se
I'm surprised this reportedly only affected 19 server racks. Some of the small FPV quadcopter strikes I've seen videos of have collapsed entire homes. Even if the structure is more resilient than a fragile home, I would have expected the blast from a larger long-range drone like a Shahed to damage more server racks than that.
It's either 100lb or 100Kg, with a direct hit on a dense centre, it would damage a lot of racks, but if it's oblique, or indirect, impartial, the damage could be less pronounced. They could also be misrepresenting by diminishing the damage as there's a lot of information suppression going on.
I think during the OVH fire, it was the smoke damage that was deemed to have damaged a lot of the servers.
Fans and cooling might be affected by all the debris. Spinning rust drives often have breathing holes, too.
Absolutely. So many failure modes. Literally even just 'things falling over'.
Yea it's hard to reconcile such a small number of affected racks with such a widespread impact though, so this must not be the whole story. They're talking about a half a year to restore the data center. It must be more than a roof repair and 19 racks.
The sheer amount of metal on every rack makes DCs very dense
Bezos getting what he paid for
How is this possible?
Iran's Navy, Air Force, power plants, hospitals, colleges, universities and most importantly little girl's schools were obliterated in the first 42 minutes of Trump's war.
When I was working at AWS, which was a new service at the time, the example we often heard was a natural disaster or comet strike; would be what we were making our data centers redundant for. I don't think we were ever considered to be targeted during war and I'm sure they considered that they just didn't want to that affect that morale cost on the staff.
> a natural disaster or comet strike
or, that is what they tell you.
Three availability zones provides no protection against three ballistic missiles.
Region pairs are similarly totally ineffective against a mere six rockets.
No current missile defence system is effective against ballistic warheads reentering from space at hypersonic velocities.
Colocating thousands of businesses and hundreds of government agencies into a handful of hyperscale data centres is the text book definition of putting all of one’s eggs into a single basket.
If Iran’s attacks were more coordinated[1] they would have taken out all zones of every Middle East AWS, Azure, and GCP region. On top of the obvious direct damage to GCC nations it could have very likely permanently damaged the reputations of public clouds, possibly causing trillions in indirect economic damage to the United States.
[1] The theory is that the Iranian regime prepared for decapitation strikes by splitting their military into about thirty cells that can act independently.
Thanks 2nd Epstein War for all the fuck up in the world.
It had to have been cheaper to just pay more in taxes then this outcome.
Not if you're rich and own representatives.
ZOMG free egress!?!?