By Tony Grayson, Tech Executive (ex-SVP Oracle, AWS, Meta) & Former Nuclear Submarine Commander

The Illusion of Data Center Security

There is a dirty secret the data center industry doesn’t like to discuss: all the biometric scanners, mantrap doors, armed guards, and compliance certifications in the world can’t protect you from the vulnerabilities that actually matter.

I’ve spent my career building, operating, and leading infrastructure at the world’s largest scale...from commanding nuclear submarines to managing hyperscale data centers. I’ve managed billion-dollar infrastructure portfolios and led large teams. Based on that operational reality, I can tell you something that should keep infrastructure executives up at night: Data center security is essentially an illusion.

The industry has spent billions fortifying the "castles" (the facilities) while leaving the "roads" (the physical infrastructure) leading to them utterly exposed. We have focused on cybersecurity and access control, overlooking the fragility of the physical layer.

Physical Infrastructure Vulnerability: Why Redundancy is a Myth

Why is Northern Virginia (Ashburn) a single point of failure? The industry often cites that 70% of global internet traffic flows through Ashburn. While analysts at TeleGeography estimate the real number is closer to 25% of North American capacity and 13% globally, the concentration risk remains terrifying.

The vulnerability isn't just in the data halls; it is in the fiber-conduit convergence underground.

The Manhole Vulnerability

The Short Answer: While network diagrams show redundancy, physical fiber paths often converge in the same underground conduits, meaning a single physical attack can sever all "redundant" connections.

Most executives believe their network architecture diagram shows redundant connectivity because it shows two distinct lines. In reality, the fiber connecting the world’s data centers often runs through the same physical manholes.

Why does critical infrastructure converge in the same place?

• Economics: Running fiber through existing conduits is significantly cheaper than trenching new routes.

  
  

• Permitting: Collocating with other carriers reduces bureaucratic headaches.

  
  

• Speed: Adding capacity to established pathways is faster than pioneering new ones.

  
  

Every decision made economic sense in isolation, but together they created a single point of failure masquerading as redundant infrastructure.

When the Glass Melts

We build $100 million facilities with 2N power and N+1 cooling redundancy, yet we connect them via shared physical pathways vulnerable to low-tech sabotage.

• The Threat: It doesn't require a sophisticated cyber-attack. A state actor with access to those manholes could destroy connectivity with a small incendiary device or thermite charge.

  
  

• The Result: In minutes, thousands of fiber strands turn to slag.

  
  

All the redundant paths your network architect promised you? They often converge in the same conduit runs and the same manholes. If the glass melts, the redundancy on your diagram effectively equals zero.

Cascading Failures: The Economic Impact of a US-EAST-1 Outage

When AWS US-EAST-1 experienced an outage last October, it didn’t just affect Northern Virginia. Snapchat, Roblox, Fortnite, Ring, and Reddit all faltered globally.

If we game this out to a coordinated physical attack on the fiber interconnections, the internet doesn't fail cleanly....it fails in unpredictable, cascading ways:

• Immediate: Major cloud applications hosted in AWS, Azure, and Google Cloud’s eastern regions become unreachable.

  
  

• Minutes Later: DNS resolution failures cascade globally as authentication systems and CDN origins go dark.

  
  

• Economic Impact: The $9 trillion in daily global trade that depends on internet connectivity grinds to a halt.

  
  

The Guam Chokepoint: Our Western Vulnerability

In the submarine force, we looked for choke points. In digital infrastructure, we call them "aggregation risks." Real resilience isn't just about software redundancy; it’s about solving the physical fragility of the network. If we lose the link, the cloud evaporates. This is why we need distributed compute at the edge—so the mission continues even if the cable is cut.

If Ashburn represents America’s eastern vulnerability, Guam represents our western one (and it’s arguably worse). Guam has become a critical nexus; trans-Pacific cables like SEA-US, Echo, Bifrost, and Apricot all route through this 210-square-mile island.

As I have written about regarding infrastructure resilience, geopolitical tensions have accelerated this concentration. As the US government blocks connections to Hong Kong, the industry has shifted routes to the Philippine Sea, making Guam the single gateway between the US mainland and Asia. A coordinated attack on that single island (or an orchestrated fiber cut) could isolate the U.S. from its largest trading partners.

The Subsea Reality: Cables Under Attack

Ninety-nine percent of intercontinental internet traffic moves through submarine cables, some no thicker than a garden hose. These cables are being cut with increasing frequency:

• Baltic Sea (2023-2024): Nine submarine cables were cut, including Finnish-German and Lithuanian-Swedish links. German Defense Minister Boris Pistorius called it sabotage.

  
  

• Taiwan (2023): Cables connecting Taiwan to the Matsu Islands were cut 12 times in a single year.

  
  

• The Threat Vector: Chinese researchers have even filed patent applications for devices designed specifically to sever submarine cables.

  
  

The Logistics Gap: 40-Day Repair Times for Submarine Cables

Perhaps most concerning is that we can’t fix cables fast enough. The median time to repair a damaged submarine cable is 40 days.

There are only around 60 cable-repair ships worldwide, and demand is rapidly outpacing capacity.

• Red Sea Cuts (2024): Four cables were cut, disrupting 70% of data traffic between Europe and Asia.

  
  

• Vietnam: Lost all five international cables last year; restoration took nearly eight months due to permitting delays and vessel scarcity.

  
  

In a coordinated attack scenario, you aren’t looking at days of downtime. You are looking at months.

The Insider Threat: Minimum Wage Guards vs. National Security

Finally, we must address the "human firewall." Data centers love to showcase their security theater: biometric readers and vehicle barriers. But here is the economic reality:

• The Wage Gap: The average security guard protecting these billion-dollar assets earns $19-23 per hour.

  
  

• The Turnover: The security industry sees a 50.8% annual turnover rate.

  
  

As I discussed in my article on Systems Leadership, true reliability requires aligning human incentives with mission-criticality. When a guard making $40,000 a year is offered $100,000 to look the other way for ten minutes, the economics of bribery heavily favor the attacker. That biometric reader is only as reliable as the underpaid guard watching the mantrap.

The Wake-Up Call

We are living through a moment when the physical fragility of our digital infrastructure is being systematically tested. The Baltic Sea incidents and Red Sea disruptions aren’t isolated events; they are capability demonstrations.

Data center security is essential, but it is not sufficient. Until we address the physical infrastructure vulnerability that exists outside our facility walls, we are building elaborate fortifications around assets that can be disconnected from the world with a simple thermite charge or a few minutes on a cutting wheel or torch.

Frequently Asked Questions: Physical Infrastructure Vulnerability

How much internet traffic actually flows through Ashburn, Virginia?

While the commonly cited figure is 70% of global traffic, analysis by TeleGeography puts it closer to 25% of North American capacity and 13% of global capacity. Even at these levels, the concentration represents a massive single point of failure. Loudoun County alone supports nearly 6 GW of operating and under-construction data centers—more than any other U.S. county. The region became the "Data Center Capital of the World" because MAE-East, one of the first large internet peering exchanges, was relocated there in 1998.

Why do redundant fiber paths often fail together?

Because of conduit convergence. While the network may logically show two distinct paths on a diagram, physical fiber cables often run through the same manholes and trenches to reduce construction and permitting costs. Economics drive colocation: running fiber through existing conduits is significantly cheaper than trenching new routes. The result is a single point of failure masquerading as redundant infrastructure. A single physical attack—even a low-tech thermite charge—can sever all "redundant" connections when they share the same underground pathway.

How vulnerable are submarine internet cables to sabotage?

Extremely vulnerable. Since 2022, about ten subsea cables have been cut in the Baltic Sea region alone, with seven cuts occurring between November 2024 and January 2025. Notable incidents include the C-Lion1 cable between Finland and Germany (November 2024, Germany's Defense Minister called it sabotage), the BCS East-West Interlink (November 2024), and four Estlink cables on Christmas Day 2024. Around Taiwan, cables were cut 12 times in a single year. Chinese researchers have even filed patent applications for devices specifically designed to sever submarine cables. 99% of intercontinental internet traffic travels through these cables, some no thicker than a garden hose.

How long does it take to repair a cut submarine cable?

The median repair time is 40 days, assuming a repair ship is available. There are only approximately 60 cable-repair vessels worldwide, and demand is rapidly outpacing capacity. In a coordinated attack scenario, you aren't looking at days of downtime—you're looking at months. Vietnam lost all five international cables and restoration took nearly eight months due to permitting delays and vessel scarcity. The 2024 Red Sea cable cuts disrupted 70% of data traffic between Europe and Asia. Insikt Group assesses that without significant expansion of repair vessels, median restoration times will push beyond 40 days.

What happened during the October 2025 AWS US-EAST-1 outage?

On October 20, 2025, a DNS resolution failure affecting DynamoDB triggered a cascade of failures across AWS's US-EAST-1 region (Northern Virginia) lasting approximately 15 hours. The outage affected 14+ AWS services, including EC2, DynamoDB, Lambda, and S3. Major consumer applications, including Snapchat (375 million daily users), Fortnite, Roblox, Ring doorbells, McDonald's mobile orders, and United Airlines booking systems, went down. Even the British government's tax website became inaccessible. Estimates suggest global businesses lost $75 million per hour during the disruption. This was the third major US-EAST-1 outage since 2021.

What is the Guam chokepoint and why does it matter?

Guam has become a critical nexus for trans-Pacific submarine cables—SEA-US, Echo, Bifrost, and Apricot all route through this 210-square-mile island. As geopolitical tensions have blocked connections to Hong Kong, the industry has shifted routes to the Philippine Sea, making Guam the single gateway between the U.S. mainland and Asia. If Ashburn represents America's eastern vulnerability, Guam represents the western one—and it's arguably worse. A coordinated attack on that single island, or an orchestrated fiber cut, could isolate the U.S. from its largest trading partners.

What is a cascading infrastructure failure?

A cascading failure occurs when a problem in one service causes failures in dependent services, which then cause failures in services that depend on them—creating a chain reaction. In the October 2025 AWS outage, a DNS issue affected DynamoDB, which underpins more than 100 other AWS services. The failure rippled through the ecosystem: Network Load Balancer monitoring failed → Load balancers couldn't route traffic → DynamoDB endpoints became unreachable → Lambda, S3, and other services failed → Even services in other AWS regions experienced failures due to control plane dependencies in US-EAST-1.

Who is suspected in the Baltic Sea cable sabotage incidents?

Multiple vessels linked to Russia and China are under investigation. The Chinese cargo ship Yi Peng 3 is suspected in the November 2024 C-Lion1 and BCS East-West Interlink cuts—it departed from the Russian port of Ust-Luga and maritime tracking placed it at the exact time and location of the damage. The Russian oil tanker Eagle S, believed to be part of Russia's "shadow fleet," was detained by Finland after the December 2024 Estlink cuts—investigators found Russian and Turkish language keyboards, sensor devices, and evidence the anchor was dragged 62 miles. German Defense Minister Boris Pistorius stated "no one believes these cables were cut accidentally."

Why is data center security considered an illusion?

The industry has spent billions fortifying the "castles" (data center facilities) with biometric scanners, mantrap doors, armed guards, and compliance certifications—while leaving the "roads" (physical fiber infrastructure) leading to them utterly exposed. We build $100 million facilities with 2N power redundancy and N+1 cooling, yet connect them via shared physical pathways vulnerable to low-tech sabotage. It doesn't require a sophisticated cyberattack: a state actor with access to the right manholes could destroy connectivity with a small incendiary device. The security theater at the perimeter means nothing when the fiber can be cut miles away.

How much global internet traffic goes through submarine cables?

99% of intercontinental internet traffic moves through submarine cables. These cables are the physical backbone of the global internet, not satellites. Approximately 150-200 underwater cable damage incidents happen per year worldwide—about three cable repairs per week—mostly from anchoring and fishing. However, the recent cluster of Baltic Sea incidents and the pattern of cuts near Taiwan suggest deliberate targeting. The vulnerability is amplified by route concentration: a few cables serving entire regions means limited redundancy for countries dependent on single cable systems.

What is the insider threat to data center security?

Data centers showcase security theater—biometric readers and vehicle barriers—but face a fundamental economic reality. The average security guard protecting billion-dollar infrastructure assets earns $19-23 per hour. The security industry sees a 50.8% annual turnover rate. When a guard making $40,000 a year is offered $100,000 to look the other way for ten minutes, the economics of bribery heavily favor the attacker. That biometric reader is only as reliable as the underpaid guard watching the mantrap. Insider threats pose substantial risk in both physical and cybersecurity realms.

What economic impact could a coordinated infrastructure attack cause?

The $9 trillion in daily global trade that depends on internet connectivity could grind to a halt. If we game out a coordinated physical attack on fiber interconnections, immediately, major cloud applications become unreachable. Minutes later, DNS resolution failures cascade globally as authentication systems and CDN origins go dark. The October 2025 AWS outage alone cost an estimated $75 million per hour. A physical attack on Ashburn's fiber convergence points or Guam's submarine cable landing stations wouldn't just take down one region—it would trigger unpredictable cascading failures across the global internet economy. As the World Economic Forum warns, escalating geopolitical tensions pose significant risks to critical infrastructure.

____________________________________

Tony Grayson is a recognized Top 10 Data Center Influencer, a successful entrepreneur, and the President & General Manager of Northstar Enterprise + Defense.

A former U.S. Navy Submarine Commander and recipient of the prestigious VADM Stockdale Award, Tony is a leading authority on the convergence of nuclear energy, AI infrastructure, and national defense. His career is defined by building at scale: he led global infrastructure strategy as a Senior Vice President for AWS, Meta, and Oracle before founding and selling a top-10 modular data center company.

Today, he leads strategy and execution for critical defense programs and AI infrastructure, building AI factories and cloud regions that survive contact with reality.