Iran's IRGC Claims Dubai Oracle Data Center Attack; UAE Denies Incident

Iran's Islamic Revolutionary Guard Corps (IRGC) naval command announced Thursday it attacked a data center belonging to the American technology firm Oracle in Dubai, United Arab Emirates. The claim, broadcast via Iranian state media, follows recent threats from the IRGC to target U.S. technology companies in the Middle East. However, Dubai authorities quickly rejected the report, calling it "fabricated and incorrect."^{[timesofindia+2]}

Iran Cites Retaliation for Regional Strikes

The IRGC's claim on April 2, 2026, stated the operation was retaliation for an attempted assassination in Tehran. Iran linked the attack to an alleged US-Israeli strike that reportedly injured former Iranian Foreign Minister Kamal Kharrazi and killed his wife.Just one day earlier, on April 1, the IRGC also took credit for an attack on an Amazon cloud computing center in Bahrain.The Bahrain Interior Ministry confirmed a fire at a company facility after what authorities called an "Iranian aggression."The ministry did not specifically name Amazon.^[en+6]

The Iranian military body had issued a stark warning earlier in the week. It threatened to target 18 major U.S. tech companies, including Oracle, Microsoft, Google, Apple, and Amazon, accusing them of assisting American and Israeli military operations.The IRGC warned employees of these companies to evacuate their workplaces "immediately to save their lives."It also advised residents living within a one-kilometer radius of these "terrorist companies" across the region to move to a safe place.The statement indicated that these companies should expect "destruction of their relevant units" starting Wednesday, April 1, at 8:00 p.m. Tehran time, in response to any assassination in Iran.^{[timesofindia+11]}

Dubai Authorities Firmly Deny Attack

Dubai's government swiftly denied the IRGC's claim regarding the Oracle data center. The Dubai Media Office posted a statement on X, dismissing the reports as "fake news" and stating they had no basis in fact.No independent verification of any successful strike on Oracle's infrastructure in Dubai has emerged.Oracle itself has not yet issued a public statement regarding the alleged targeting of its regional facilities.^[en+5]

This is not the first time Dubai authorities have countered misinformation. Officials often urge the public to rely only on official government sources, especially during periods of heightened regional tension.The denial from Dubai contrasts with the situation in Bahrain, where authorities acknowledged a fire following an Iranian aggression, though without naming Amazon.^{[hindustantimes+2]}

Broader Context of Regional Cyber Warfare

The alleged attacks come amidst escalating tensions and a broader cyber conflict in the Middle East. Iran's military central command, Khatam Al-Anbiya, announced a "new wave of attacks" on Thursday. These attacks targeted the UAE, Bahrain, and Israel, in response to what Iran described as US-Israeli strikes on its two largest steel plants.The claimed targets included "American steel industries in Abu Dhabi, American aluminium industries in Bahrain, and the Rafael arms factories of the Zionist regime."^{[hindustantimes+1]}

Iranian government-affiliated actors have a documented history of cyber operations against the United States, Israel, and Persian Gulf Arab countries.These operations include distributed denial-of-service (DDoS) attacks on U.S. banks in 2012 and 2013, and infiltration of critical infrastructure like the Bowman Avenue Dam in New York in 2013.More recently, the FBI thwarted an Iran-backed attempt to hack Boston Children's Hospital in 2021.^[hstoday+4]

The United Arab Emirates faces between 500,000 and 700,000 cyberattacks daily.Hostile actors, including those linked to Iran, use artificial intelligence tools like ChatGPT to support reconnaissance, detect vulnerabilities, conduct phishing campaigns, and create malware.Experts note that AI has become a core component of modern cyber warfare, enabling faster, more convincing, and lower-cost operations, including deepfakes and disinformation campaigns.^[scworld+2]

Iran's cyber activities have advanced, particularly in precision and intelligence gathering, allowing for more accurate and targeted attacks.Cybersecurity researchers track over 60 active threat groups aligned with the current Middle East conflict, with 53 operating on the pro-Iranian side.These groups employ various attack methods, including spear phishing, credential harvesting, VPN and edge device exploitation, wiper malware designed to destroy data, and DDoS attacks.^[en+2]

Implications and Future Outlook

The conflicting reports regarding the Oracle data center underscore the challenges of verifying claims in an active cyber conflict. The IRGC's statements and actions indicate a strategy of expanding targets to include commercial infrastructure, particularly U.S. technology firms perceived as linked to military operations.Security analysts say Iran's linking of private sector tech firms to U.S. military operations shows how adversaries view commercial infrastructure, where cloud platforms, semiconductor supply chains, and AI systems are increasingly seen as extensions of national security capabilities.^[cbsnews+2]

The U.S. government has been preparing for such scenarios, with White House Deputy Press Secretary Anna Kelly stating the U.S. military is ready to thwart attacks. Kelly noted a significant reduction in Iranian ballistic missile and drone attacks due to U.S. preparedness.However, the ongoing threats highlight the unpredictable nature of modern warfare, where cyber and physical attacks can blur.Regional and international bodies continue to urge restraint and reliance on verified information to prevent further escalation.^[cbsnews+2]