Lloyd’s Subscription Room – 1809
On March 1, 2026, three Iranian drones answered a question the insurance industry had never seriously been asked before. The answer is going to cost someone a very great deal of money — and nobody is quite sure yet who that someone is.
The Day the Cloud Got an Address
The technology industry has spent two decades selling the world on a comforting abstraction. The cloud, we were told, was everywhere and nowhere — distributed, resilient, redundant, above the fray of physical geography. Your data floated somewhere safe. Your applications ran on infrastructure too vast and dispersed to be meaningfully threatened by any single event.
On March 1, 2026, Iran’s Islamic Revolutionary Guard Corps took a drone, aimed it at a specific set of coordinates in the United Arab Emirates, and demonstrated that the cloud has an address.
Drone strikes damaged three Amazon Web Services data centers in the UAE and Bahrain, knocking two of the ME-CENTRAL-1 region’s three availability zones offline and triggering outages across EC2, S3, DynamoDB, Lambda, RDS, and other core services — marking the first confirmed military attack on a hyperscale cloud provider in history.
AWS confirmed structural damage, power disruption, fire, and water damage from suppression systems. Outages cascaded across Abu Dhabi Commercial Bank, Emirates NBD, First Abu Dhabi Bank, payments platforms Hubpay and Alaan, data cloud company Snowflake, and ride-hailing platform Careem.
Then, a month later, the IRGC claimed to have struck an Oracle data center in Dubai. Oracle, characteristically, said nothing. A former Pentagon official who advises technology companies on geopolitical risk told reporters that the Iran claim “changes the insurance math overnight.”
He was not wrong. But he may have understated it considerably.
Why These Specific Buildings?
Before we get to the insurance implications, it is worth understanding precisely why Iran chose to hit data centers rather than, say, military bases or oil infrastructure — and what was actually running inside those buildings when the drones arrived.
Iran’s Fars News Agency stated on Telegram that the Bahrain facility had been deliberately targeted “to identify the role of these centers in supporting the enemy’s military and intelligence activities.” This was not random targeting. It was surgical, and the reasoning behind it is the story that most mainstream coverage has skated past.
Iranian state media asserted the AWS facilities were legitimate targets because the US military was using AI systems hosted on AWS for intelligence analysis and war simulations. Specifically, the AI system in question was Claude — the model made by Anthropic, the company that also makes the AI you may be reading this through right now. The US military used Claude, combined with Palantir’s Maven system, for real-time targeting and target prioritization in support of combat operations in Iran. Maven fuses satellite imagery, drone feeds, radar data and signals intelligence into a unified platform that classifies targets, recommends weapons and generates strike packages in near real time, while Claude helps military planners sort information and decide on targets and priorities.
Admiral Brad Cooper, head of CENTCOM, publicly confirmed the use of “a variety of advanced AI tools” to process vast amounts of battlefield data in seconds, allowing commanders to make decisions faster than Iranian forces could react. The US struck over 1,000 targets in the first 24 hours.
Iran’s logic was direct: the buildings that housed the AI doing the targeting are part of the war machine. Hit the buildings, degrade the targeting. It is, from a purely military standpoint, a coherent strategy. What makes it a civilizational problem is what else was running in those same buildings.
The Pentagon’s Brilliant, Catastrophic Cost-Saving Measure
The US Department of Defense awarded its Joint Warfighting Cloud Capability contract — worth up to $9 billion — across Amazon Web Services, Microsoft Azure, Google Cloud, and Oracle. Those contracts place classified and unclassified military workloads, including AI-driven intelligence analysis, logistics planning, and battlefield communications, onto the same commercial cloud platforms that host consumer streaming services, banking applications, and hospital record systems. A single AWS availability zone might simultaneously process classified Pentagon data, run a major bank’s transaction systems, serve Netflix content, and host a hospital’s electronic health records.
The Pentagon saved money. It got world-class AI infrastructure at commercial prices rather than building its own bespoke military network. And in doing so, it quietly converted every AWS data center in the region into a legitimate military target under the laws of armed conflict.
The CIA’s Commercial Cloud Enterprise contract — awarded to AWS, Microsoft, Google, Oracle, and IBM — runs intelligence workloads on infrastructure that is, at the physical layer, intertwined with commercial operations. The NSA has similar arrangements.
In late March 2026, Iran’s military leadership formally declared that AWS, Google, and Microsoft data centers hosting US defense workloads constitute legitimate military targets under international law. The declaration invoked the principle of distinction under the Geneva Conventions to argue that these facilities, which host classified Pentagon AI systems alongside civilian infrastructure, have forfeited their civilian status. What makes the claim so destabilizing is not that it comes from Iran, but that the legal logic underlying it is genuinely difficult to refute.
A bank in Abu Dhabi running its payment processing on AWS had no idea it was co-locating with classified Pentagon AI targeting systems. A hospital storing patient records in that same availability zone had no idea its data shared a building with military intelligence workloads. They had no way to know. That information was never disclosed. And now their systems are offline, their data is inaccessible, and their insurance policies almost certainly do not cover what just happened to them.
The Coverage Gap That Just Became a Chasm
Here is the insurance problem in plain language.
Standard commercial property insurance covers fires, floods, storms, and accidents. It almost universally contains a war exclusion clause. If a building is damaged in an act of war, the standard policy does not pay.
Standard cyber insurance covers hacking, data breaches, ransomware, and system outages caused by digital attacks. It also, increasingly, contains war exclusion clauses — Lloyd’s of London rewrote its cyber war exclusions following the NotPetya attacks attributed to Russia, which caused billions in uninsured losses when courts ruled the attack constituted an act of war.
Business interruption insurance covers lost revenue when operations are disrupted. It pays when the cause of disruption is a covered event. Acts of war are not covered events.
When a kinetic military strike physically destroys cloud infrastructure, the resulting losses may fall into a gap between a traditional property and casualty policy, a standalone cyber policy, and the war exclusion clauses that both types increasingly contain. Lloyd’s of London has been reviewing war-risk exclusion language in recent years following conflict-related claims tied to Ukraine, and industry analysts have indicated that the UAE incident may accelerate reassessments of cloud infrastructure risk modeling and pricing.
Standard commercial property and business interruption insurance policies frequently exclude acts of war. Companies must aggressively scrutinize their insurance coverage and secure specialized war risk policies to ensure they are protected from geopolitical violence, though such policies are complex and heavily contested by underwriters.
The brutal reality: most of the companies whose operations were disrupted by the AWS outages — banks, payment processors, logistics firms, healthcare providers, retailers — almost certainly had no war risk coverage for cloud infrastructure disruption. Because until March 1, 2026, no one had ever needed it. The risk was theoretical. Now it is not.
What the Marine Insurance Market Can Teach Us
To understand where AI datacenter insurance is going, it helps to look at where marine war risk insurance already is — because the maritime market just provided an extraordinary live demonstration of how quickly this kind of market can reprice.
Within 48 hours of coordinated US-Israeli airstrikes on Iran on February 28, 2026, war risk premiums surged fivefold, major marine insurers terminated existing coverage and offered replacements at roughly sixty times pre-crisis rates, and Lloyd’s Joint War Committee redesignated the entire Arabian Gulf as a conflict zone. Tanker traffic collapsed by more than 80 percent. The kinetic escalation that followed compounded the disruption, but the commercial shutdown preceded the physical blockade. Insurance closed the strait before Iran’s navy did.
Read that again. Insurance closed the Strait of Hormuz before the IRGC did. The repricing of risk by underwriters in London produced a strategic outcome — shutting down 20% of global oil flow — that military force alone might not have achieved as quickly. This is what happens when a market that has been pricing a risk at theoretical levels suddenly has to price it at real ones.
Pricing moved sharply higher for marine and aviation cover, with premiums for vessels transiting the Strait of Hormuz rising to 20 times typical levels. Fitch flagged data centers and energy facilities across Gulf Cooperation Council countries as sitting within scope of political violence and terrorism coverage triggers, noting that while losses remain contained so far, further strikes raise the probability of larger claims.
The same dynamic is now arriving for data centers. But the data center market has a problem that the marine market does not: it does not yet have a mature, standardized product to sell.
The New Industry Being Born in Real Time
Before the March 2026 strikes, the insurance industry was already struggling to keep pace with the sheer scale of AI datacenter investment.
Hyperscale campuses now exceed $20 billion in total insured value, while the insurance market’s effective capacity for a single asset remains capped around $5 billion. This gap forces owners to syndicate coverage across dozens of carriers, tolerate exclusions, or explore alternatives such as self-insurance, captives, and mutuals.
Global spending on data centers could reach $7 trillion by 2030, according to McKinsey. Insurance brokers are creating specialized teams and bespoke policies to meet the demand. It was nearly impossible to reasonably insure a $20 billion campus in 2023. In 2026, it has become a weekly conversation.
And that was before anyone was shooting at them.
Now add the war risk dimension, and the product that needs to exist — but largely does not — looks something like this: specialized coverage for physical kinetic attack on data center infrastructure, covering structural damage, equipment loss, data recovery costs, business interruption for direct tenants, downstream business interruption for companies whose cloud services were disrupted, reputational damage, and regulatory liability for data exposure resulting from the attack. It needs to distinguish between terrorism (potentially covered under existing political violence policies) and acts of war (typically excluded). It needs to address the legally novel question of whether a commercial data center that co-hosts military AI workloads is a civilian object or a military objective. And it needs to somehow price a risk that has no historical actuarial data whatsoever, because nothing like this has ever happened before.
Insurers are increasingly turning to catastrophe bonds and alternative capital structures to address growing coverage gaps tied to large-scale data center developments. The shift comes as demand for insurance tied to AI infrastructure rises and traditional capacity struggles to keep pace. Brokers and insurers are working with private capital firms and hedge funds to issue catastrophe bonds and special-purpose vehicles to provide additional capital to cover risks associated with data centers.
That is the market beginning to assemble itself. Catastrophe bonds for data centers. War risk riders for cloud infrastructure. Political violence endorsements specifically written for AI campuses. This product set did not exist eighteen months ago in any meaningful form. It is being invented right now, by actuaries who are working from first principles because there is no loss history to guide them.
The Companies Named as Targets — And What That Means for Their Customers
The IRGC named 18 companies as legitimate targets, including Cisco, Intel, Oracle, Microsoft, Apple, Google, Meta, IBM, Nvidia, Tesla, Boeing, and Abu Dhabi-based AI firm G42. It accused them of enabling Israeli and US “terror operations” through their information and artificial intelligence technologies.
Every company on that list operates data centers in the Gulf region. Every company on that list has customers — banks, governments, hospitals, retailers, logistics operators — whose critical systems run on their infrastructure. Those customers are now, by extension, operating in a building that an active belligerent has declared a legitimate military target.
“From Tehran’s perspective, a company that provides cloud services to the Pentagon and to a Dubai bank is a single target, not two separate entities,” one analyst told Anadolu Agency. “By threatening the full spectrum of Western commercial presence in the Gulf, Iran is raising the cost of the US-Gulf economic relationship itself.”
Iran has also specifically threatened the Stargate UAE campus — the planned $30 billion AI facility in Abu Dhabi being built under a US-UAE partnership announced during Trump’s May 2025 Middle East tour, which would be the largest AI facility outside the United States. Companies including Cisco, OpenAI, Oracle, and Nvidia are involved in the planned campus.
A $30 billion facility. Explicitly threatened by name. By a state actor. Currently under construction.
What does that facility’s insurance program look like? What does it cost to insure against kinetic military attack, when the attacking party has already declared it a target, when the legal basis for targeting it is difficult to refute under international law, and when no actuarial table exists for this category of loss? These are not rhetorical questions. They are the questions that underwriters in London and Zurich and New York are being asked right now, in real meetings, by real clients who need real answers before they can break ground.
The Submarine Cable Dimension Nobody Is Talking About
The data center strikes are only part of the vulnerability picture. There is a second, quieter catastrophe developing alongside them.
Seventeen submarine cables pass through the Red Sea, carrying the majority of data traffic between Europe, Asia, and Africa. With Iran’s closure of the Strait of Hormuz and renewed Houthi threats in the Red Sea, both critical data choke points are now in active conflict zones simultaneously.
The cables that carry internet traffic and the tankers that carry oil are being threatened by the same conflict at the same time, through the same geographic chokepoints. Experts have called closing both choke points simultaneously “a globally disruptive event” — one that has never happened before in the history of the modern internet.
Submarine cable insurance is an established product. War risk coverage for cables exists. But the combination of physical cable disruption, data center strikes, and cloud service outages cascading simultaneously into banking failures, supply chain collapses, and military communications degradation creates a correlated loss event of a kind that no existing insurance model was built to handle.
As AXA XL’s chief risk officer noted, “Risk is no longer linear; it is networked.” When cloud platforms like AWS and Microsoft Azure serve thousands of companies and millions of users, an outage goes from one company to thousands to millions of users very, very quickly. And when that outage is caused by a drone rather than a software bug, every war exclusion clause in every policy held by every one of those thousands of companies simultaneously becomes relevant.
Who Actually Pays?
This is the question that is going to occupy lawyers, actuaries, and courts for the next decade.
Under the century-old Cuba Submarine precedent, any claims by the private sector against state belligerents for damages from the 2026 strikes are highly unlikely to succeed. The cloud has become the modern telegraph cable. When a government destroys private infrastructure during wartime, historical legal precedent offers almost no recourse against the attacking state.
AWS waived its usage charges for the affected region. That is a customer relations gesture, not an insurance payout. The structural damage to the buildings, the destroyed servers, the lost equipment, the cost of rebuilding — those losses sit somewhere in the gap between AWS’s own balance sheet, its property insurance (which almost certainly contains a war exclusion), and the governments of the UAE and Bahrain, whose territory was attacked.
The downstream losses — the bank that couldn’t process transactions, the hospital that lost access to patient records, the retailer whose logistics system went dark — sit in a different gap. Their cloud provider’s terms of service almost certainly contain force majeure clauses covering acts of war. Their own business interruption insurance almost certainly excludes acts of war. And their government is not going to compensate them for choosing to run their operations on commercial cloud infrastructure located in a region that has now been designated a conflict zone.
A former Pentagon official who advises technology companies on geopolitical risk told reporters that the strikes change “the insurance math overnight.” Data centers in the Gulf were already subject to elevated political risk premiums, but the possibility of a state actor deliberately targeting them — and publicly announcing it — is a qualitatively different threat. It is one thing to worry about collateral damage. It is another when a government names your company in a military communiqué.
The Industry Being Born
Every major insurance market in history was born from a catastrophe that exposed a gap.
Lloyd’s of London itself was born in a coffee house in the 1680s, where ship owners and merchants gathered to share the risk of maritime trade that had no other protection mechanism. The Great Fire of London in 1666 created the property insurance industry. The San Francisco earthquake of 1906 reshaped American casualty insurance. The asbestos liability crisis of the 1970s created environmental insurance. September 11 created terrorism insurance as a mandatory government backstop. The NotPetya cyberattacks of 2017 created the war exclusion carve-outs in cyber policies that the Iran strikes just made newly relevant.
And now, three Shahed 136 drones over the UAE on March 1, 2026, have created the need for AI datacenter war risk insurance — a product that barely existed as a concept twelve months ago and is now urgently, desperately, expensively necessary.
The questions that product will have to answer are genuinely new. Does a data center that co-hosts military AI workloads lose its civilian status under the laws of armed conflict? If so, does the operator’s insurance become void because the facility was a legitimate military target? Do downstream customers have any recourse when their cloud provider’s building was destroyed by a state actor targeting the military tenant three floors up? What is the actuarially correct premium for a $20 billion AI campus in Abu Dhabi when the IRGC has published its address on Telegram and declared it enemy infrastructure?
Nobody knows the answers yet. But the people who figure them out first — the underwriters who build the models, the brokers who assemble the programs, the lawyers who draft the policy language, and the reinsurers who provide the capacity — are going to define an insurance market that could be worth tens of billions of dollars annually within this decade.
The cloud, it turns out, is not above it all. It has an address. That address can be hit by a drone. And when it is, someone has to pay for it.
The only open question is who.
