Oracle & Bastille: The Wireless Era of Data Centre Security

There are more than 4,400 documented wireless-related Common Vulnerabilities and Exposures (CVEs) listed in the US Government’s National Institute of Standards and Technology (NIST) National Vulnerability Database. 

These vulnerabilities span Bluetooth, Wi-Fi, IoT protocols, cellular communications and other radio frequency-based technologies. While patches exist for some, many remain unresolved. More concerning, however, is this: even when patches are available, wireless infrastructure is rarely managed with the same rigour as wired networks.

Data centres have spent decades hardening their wired environments. Firewalls, segmentation, zero-trust architectures, IDS/IPS and continuous vulnerability management are standard practices. Patch management for servers, routers and switches is mature and well governed.

Wireless clients, on the other hand, are not. In fact, many wireless devices use one-write firmware that cannot be updated, patched, or replaced when new vulnerabilities are discovered. This leaves a substantial amount of high-value infrastructure vulnerable to attacks from nation state actors and foreign government-backed criminal groups.

Bluetooth radios embedded in servers. Wi-Fi access points in adjacent office spaces. Rogue IoT devices. Cellular hotspots. Unauthorised wireless peripherals. These technologies create an expansive and largely unmonitored attack surface that exists outside traditional network controls.

Unlike wired traffic, wireless signals do not respect physical boundaries. They pass through walls, fences and security perimeters. An adversary does not need to breach a firewall if they can exploit a vulnerable radio frequency (RF) emitter from the parking lot.

The AI-enabled adversary

Nation state actors, and increasingly, the sophisticated criminal organisations they sponsor or harbour, are now applying artificial intelligence to offensive cyber operations.

Wireless environments are uniquely susceptible to AI-driven attacks.

An AI system does not need to guess which vulnerability might work. It can systematically test every known wireless CVE against every discoverable emitter within range. Thousands of vulnerabilities. Hundreds of devices. Continuous iteration. Autonomous adaptation.

Most exploit attempts will fail.

But at machine-scale, brute-force vulnerability attacks become statistically powerful. Where a human attacker might abandon an avenue after several failed attempts, AI persists, probing firmware weaknesses, misconfigurations, protocol flaws and unpatched stacks until it finds one that yields access.

And once inside a wireless vector, an adversary may bypass traditional perimeter defences entirely.

For AI-driven data centres, facilities that represent some of the most strategically valuable digital infrastructure on the planet, the implications are significant. These data centres are not simply enterprise assets. They are geopolitical assets.

A threat long understood by government and defence

Government intelligence communities, military organisations and national law enforcement agencies have understood the wireless threat landscape for decades.

Secure facilities such as SCIFs, SAPFs, and military data centres have long deployed wireless airspace monitoring systems to detect and neutralise unauthorised emitters and RF-based attacks. Airspace cybersecurity has been treated as a foundational security layer alongside physical security and network defence.

In high-security government environments, wireless signals are not ignored, they are continuously monitored, classified and controlled.

Until recently, most commercial data centres did not adopt this model.

AI data centres: A new category of target

AI data centres operate at unprecedented scale. They concentrate massive compute density, proprietary model weights, sensitive training datasets, and intellectual property that may represent billions of dollars in value.

These facilities have always known that their primary adversaries would not be opportunistic hackers, but nation-state actors with strategic intent amid the global AI race.

As a result, a new tier of AI-focused data centres has begun deploying military-grade wireless airspace cybersecurity systems to extend their security posture beyond the wired networks. 

This approach treats the RF spectrum as a managed security domain, no different from a network segment or a physical perimeter.

It provides:

• Continuous discovery of all wireless emitters in and around the facility
• Identification of rogue, misconfigured, or unauthorised devices
• Detection of active exploitation attempts targeting wireless protocols
• Visibility into Bluetooth, Wi-Fi, cellular and IoT activity in real time
• Integration with SOC workflows and security analytics platforms

In effect, it closes the invisible gap between physical security and network security.

Paul Calatayud, Voltscape CEO and AI data centre expert, notes the industry shift: “Frontier AI companies are now requiring wireless airspace cybersecurity from their hosting partners.”

“Oracle and Bastille are establishing the standard others will be measured against,” he adds.

The Bastille-Oracle collaboration: A global shift

The collaboration between Bastille and Oracle represents the largest known global deployment of wireless airspace cybersecurity protection for AI data centres. 

Mahesh Thiagarajan, EVP at Oracle Cloud Infrastructure (OCI), emphasises the necessity of this move. “Oracle is committed to maintaining the highest security standards for its cloud infrastructure,” he explains.

“Our work with Bastille reflects our ongoing focus on delivering secure environments where our customers’ most valuable data and workloads are protected.”

By integrating airspace visibility into hyperscale AI infrastructure, the partnership acknowledges a critical reality: the attack surface of modern data centres extends beyond fibre and copper. It extends into the air.

As AI accelerates both innovation and adversary capability, defensive architectures must evolve accordingly. Traditional perimeter controls are necessary, but no longer sufficient.

The next generation of data centre security will not only monitor packets and endpoints. It will monitor the entire spectrum.

Because in the AI era, what you cannot see can hurt you.

How is Bastille deploying wireless airspace cybersecurity across Oracle's global hyperscale AI data centres? 

Chris Risley, CEO of Bastille, contextualises the partnership: “We have worked with Oracle for years, and their approach to protecting their clients’ intellectual property from wireless threats has consistently set high standards in the hyperscale industry.

“Bastille’s experience in protecting information for the Intelligence Community and Department of Defense has prepared us for this new AI era. As AI data centres become critical infrastructure, the risk of attacks continues to grow. By working with Bastille, Oracle adds an extra layer of protection beyond traditional perimeter security.”

The collaboration represents a global enterprise deployment spanning Oracle’s previously announced plan to build 37 new AI data centres across the Americas, Europe and Asia. Wireless Airspace Cybersecurity is now a necessity for the responsible operation of AI infrastructure by hyperscalers across the globe.

Real-time wireless/RF threat monitoring and mitigation is becoming an important best practice for protecting critical AI infrastructure.

Bad actors no longer need to get past gates, guards and guns to breach a facility – wireless and radiofrequency threats can go through walls and other barriers.

They only need a well-placed transmitter, a cell phone or a smart watch to steal ideas, money and intellectual property via wireless attacks undertaken by AI.