Expanding Security Risks for AI Firms

KEY INSIGHTS

Artificial Intelligence (AI) firms face layered and increasing security challenges. Exposure is widening across executive protection, data center dependency, utility resilience, and geopolitical disruption. We assess the impact of state-sponsored targeting, espionage, activist pressure, grievance-driven lone-actor targeting, and operational friction around visible AI infrastructure and personnel is highly likely to continue expanding.

ANALYSIS

AI firms now operate in a complex, layered threat environment with multiple potential threat actors. State and state-linked actors can physically or digitally attack or disrupt infrastructure and operations. Activist networks can use planning processes, litigation, political mobilization, and public pressure to delay developments or conduct sabotage. Lone actors and extremists can also translate grievance into disruptive actions.

As AI deployment expands, its physical footprint becomes more visible and, in turn, more contested. Anti-AI sentiment is growing, and data centers have become a flashpoint because they are the most visible physical expression of AI’s expansion. Across Western states, domestic opposition activism is growing. In the United States, Data Center Watch identified 48 blocked or delayed projects in 2025, with $156 billion in affected potential investment and active opposition across 42 states in Q4 2025.

This visibility is increasing pressure on senior leaders. Against a backdrop of rising anti-AI sentiment, risks to AI executives are also increasing. Recent attacks against Sam Altman indicate the growing security challenge: within 46 hours, Sam Altman’s San Francisco home was targeted twice. This follows previous security incidents targeting Mr. Altman and OpenAI offices, including when OpenAI locked down its San Francisco offices and told staff to shelter in place after authorities linked threats to Stop AI cofounder Sam Kirchner.

Exposure does not end with visible leadership or site perimeters. AI programs rely on substations, transmission works, cooling systems, network hardware, cable routes, and logistics chains, creating multiple opportunities for disruption across supporting infrastructure. In January 2026, an arson attack in Berlin on bundled power cables left approximately 100,000 people without electricity or heating, claimed partly motivated by opposition to AI data centers.

Iran’s public kinetic targeting of data centers across the Gulf indicates a deliberate uptick in such threats. The Islamic Revolutionary Guard Corps published a list of “legitimate targets” which included the offices and infrastructure of U.S. technology companies. Since Russia’s 2022 full-scale invasion of Ukraine, at least 151 acts of hybrid warfare have been conducted across Europe, including acts of arson and infrastructure sabotage.

RECOMMENDATIONS

  • Plan for security pressure to emerge simultaneously across people, sites, and supporting infrastructure.
  • Consider broadening security and protective intelligence provisions ensuring to include residences, travel, digital exposure, and family routines in risk assessments.
  • Test resilience beyond the site perimeters, particularly across utilities, telecoms, cable routes, and key suppliers.
  • Maintain situational awareness and monitor the risks posed by domestic opposition and activism into expansion planning and project timelines.
  • Prepare and monitor for geopolitical escalations to increase pressure on commercial AI infrastructure.

Authored by: Oliver Maund

Related Posts