A New Phase of Infrastructure Warfare
As the US-Israel-Iran conflict enters its 12th day in March 2026, the Islamic Revolutionary Guard Corps (IRGC) has dramatically broadened its rhetoric and targeting strategy. What began as direct military exchanges has spilled into an “infrastructure war,” with warnings targeting civilian-adjacent assets like tech offices, data centers, banks, and energy facilities.
The IRGC’s Khatam al-Anbiya Headquarters and affiliated media, such as Tasnim News Agency, have issued explicit lists and ultimatums, framing these as legitimate retaliation for alleged Israeli strikes on Iranian banks and other sites.
These statements signal a shift from proportional responses to sustained pressure on economic and digital lifelines across Israel and Gulf states.
This escalation raises alarms about global supply chains, cloud services, and regional stability, as non-military targets increasingly enter the crosshairs.
The Explicit Threat to Google and US Tech Giants
On March 11, 2026, Tasnim News Agency—closely tied to the IRGC—published a detailed list of “Iran’s new targets,” explicitly naming infrastructure belonging to Google, Microsoft, Amazon (AWS), Palantir, IBM, Nvidia, and Oracle.
The report highlighted offices, cloud data centers, and research facilities in locations including Tel Aviv, Haifa, Jerusalem, Dubai, Qatar, Abu Dhabi, and Bahrain. Google’s Dubai office (handling advertising and search) and its Qatar cloud support center were singled out, alongside Nvidia’s main R&D hub in Haifa and Palantir’s offices in Tel Aviv and Abu Dhabi.
Tasnim described these sites as “enemy technology infrastructure” linked to Israeli military applications, claiming their cloud services and AI tools support adversary operations. The agency stated: “As the scope of the regional war expands to infrastructure war, the scope of Iran’s legitimate targets expands.”
This marks the first time major US tech firms have been publicly listed in this manner, building on earlier IRGC claims of responsibility for drone strikes on AWS data centers in the UAE and Bahrain on March 1. Those attacks caused fires, power outages, and widespread service disruptions for banks, ride-hailing apps, and enterprises.
No Google facilities have been struck yet, but the warning has prompted heightened security concerns among tech executives, with none issuing public statements as of March 12.
Warnings Targeting Banks and Economic Centers
Parallel to the tech threats, the Khatam al-Anbiya Headquarters issued a sweeping alert on March 11 following an alleged Israeli strike on a Bank Sepah-affiliated building in Tehran, which reportedly killed employees.
IRGC spokesperson Lieutenant-Colonel Ebrahim Zolfaghari declared that the attack “left our hands open to targeting economic centres and banks belonging to the United States and the Zionist regime in the region.” He explicitly urged civilians across the Middle East to avoid being within a one-kilometer radius of any US- or Israeli-linked banks, warning of “painful retaliation.”
This rhetoric frames financial institutions as fair game, expanding beyond traditional military sites. Reuters and Al Jazeera reported the statement as a direct response to what Iran called an “illegitimate and unusual act in war.” Western banks operating in the Gulf have since confirmed internal measures to protect staff, while the warning echoes Iran’s pattern of asymmetric retaliation.
No bank strikes have been confirmed post-warning, but the 1km buffer advisory has fueled panic in urban financial districts from Dubai to Tel Aviv.
Strikes on AWS and Shifting Red Lines
The current warnings build directly on prior IRGC actions. In the conflict’s early days after February 28 US-Israeli strikes (which reportedly killed Supreme Leader Ayatollah Ali Khamenei), Iran launched ballistic missiles and drones at US bases and allies.
IRGC forces claimed responsibility for hitting AWS facilities in UAE’s ME-CENTRAL-1 and Bahrain’s ME-SOUTH-1 regions, marking the first known physical military assault on hyperscale cloud infrastructure. Amazon acknowledged localized damage and urged workload migrations to Europe.
Microsoft denied impacts on its sites, but analysts note the precedent: data centers powering AI, intelligence, and finance are now viewed as extensions of enemy power. The IRGC’s Tasnim list expanded this logic to 29 specific sites across Google, Microsoft, and others, signaling that cloud computing itself is a battlefield domain. This evolution from missile barrages to targeted infrastructure hits reflects Iran’s strategy of inflicting economic pain without full-scale conventional war.
Energy Infrastructure and Strait of Hormuz Threats
Beyond tech and finance, the IRGC has repeatedly warned on energy assets. On March 8, an IRGC official stated that continued attacks on Iranian energy infrastructure would trigger “regional response,” including potential strikes on Gulf oil facilities.
Reports from March 11 indicate the IRGC Navy has mined or prepared to mine the Strait of Hormuz—a chokepoint for 20% of global oil trade—prompting US President Trump to demand immediate removal and threaten unprecedented military consequences.
Newly installed Supreme Leader Mojtaba Khamenei reinforced this in his first written message on March 12, praising armed forces and insisting the Strait remains a “tool of pressure.” IRGC statements also designate any ships or oil cargoes linked to the US, Israel, or partners as “legitimate targets,” shifting from one-off retaliation to open-ended disruption. These warnings compound risks for global energy markets already volatile from the conflict.
Strategic Shift to Continuous Strikes Policy
On March 11, the Khatam al-Anbiya command announced an end to “proportional retaliation,” adopting a policy of “continuous strikes.” This means consecutive attacks rather than tit-for-tat responses, with IRGC boasting of a 37th round of “True Promise” operations involving missile barrages on Israeli targets and US-linked sites.
The policy explicitly includes economic, maritime, and digital domains, broadening from earlier warnings limited to military bases.
Cyber dimensions amplify this: Google Threat Intelligence has forecasted Iranian hacktivist fronts and ransomware campaigns targeting the US, UK, and Gulf allies, with plausibly deniable operations already surging since late February.
Implications for the Region and Global Security
These layered warnings—tech lists, bank buffers, energy ultimatums, and maritime mining—portend cascading effects. Tech outages could cripple AI-driven military logistics and civilian services; bank attacks might freeze regional finance; Hormuz disruptions would spike oil prices worldwide.
Analysts warn of a “new kind of war” where data centers rival power plants in vulnerability. Gulf states like the UAE and Qatar, hosting many listed facilities, face dual pressures as hosts and potential collateral zones. No major tech firm has confirmed evacuations or closures, but the 1km advisories and target lists have already disrupted operations.
Historical Context of IRGC Warnings
The IRGC has long used public threats as psychological and deterrent tools. Past examples include vows against US bases post-Soleimani assassination and oil tanker seizures in the Strait.
The 2026 escalation fits this playbook but innovates by naming commercial giants like Google and Nvidia—companies whose AI and cloud tech Iran alleges aid Israel. This transparency via state media aims to deter investment and force adversaries to divert resources to defense.
Risks of Further Escalation
The IRGC’s multifaceted warnings—from bombing Google-linked cloud centers to targeting banks and mining strategic waterways—illustrate a deliberate expansion of the conflict into everyday economic pillars. With continuous strikes now policy and retaliation framed as inevitable, the region stands on the brink of deeper chaos.
While no new physical attacks on the newly listed targets have materialized as of March 12, the explicit nature of these threats underscores Iran’s resolve to impose costs far beyond the battlefield.
Global stakeholders, from Silicon Valley to energy traders, must now grapple with a war that blurs lines between military and civilian infrastructure. De-escalation remains possible through diplomacy, but the IRGC’s rhetoric suggests a prolonged phase of hybrid pressure ahead.