Resources Webinar

The Invisible Attack Surface: Securing AI Data Centers from Wireless Threats

 

AI adoption is forcing a fundamental shift in capital, asset valuation, and power requirements. The stakes have never been so high or so concentrated. At the same time, wireless threats are growing exponentially. 

This new reality of GPU-dense facilities, massive power requirements, and automation are pushing organizations toward a new standard: shared AI infrastructure.

The most sensitive data organizations possess—intellectual property, models, simulations, and decision logic—are now processed in multi-tenant AI data centers that depend heavily on wireless connectivity for monitoring, orchestration, and control. Understanding the emerging threat landscape is essential before it becomes a problem.

This is the second webinar in a multi-part series examining AI data center security from first principles through operational reality. The series is educational and discussion-focused, designed to help organizations understand emerging risk before it becomes a problem.

What You’ll Learn in this Webinar

  • How much power demands, capital, and assets have increased
  • Where the threat landscape is changing (hint: more wireless threats)
  • How automated and remote controlled environments introduce new risk
  • What you need to know about CAASM, Zero Trust, and Continuous WIDS
  • Why organizations like Oracle are choosing Bastille

Who Should Attend

This session is designed for professionals responsible for AI infrastructure, data center security, and enterprise technology strategy, including:

  • CISOs and cybersecurity leadership at organizations deploying AI infrastructure
  • Data center operators and facility security managers
  • CTOs and technical leaders evaluating AI deployment strategies
  • Physical security and operations teams overseeing critical infrastructure
  • Enterprise architects and infrastructure planners
  • Risk management and compliance professionals in AI-intensive industries

Speakers

  • Justin Fry: CMO, Bastille
  • Dr. Brett Walkenhorst: CTO, Bastille
  • Bill Kleyman: CEO, Apolo

Video Highlights & Takeaways

The Modern Day Crown Jewels – AI Data Centers

Bill and Brett discussed how the infrastructure and its assets and valuation are changing due to the rise in demand for AI Data Centers. This shift is driven by the extreme density of GPUs,, necessitating massive power infrastructure.

  • Unheard of Power Scale: Projects are reaching massive scales, with Bill noting current racks have gone from 27kW to 600kW.
  • Capital Shift: A single rack can hold 6 ultra-dense GPU nodes at $400k each, representing a $55M+ investment in a single cluster.
  • Irreplaceable Assets: Bill shares stories of AI data centers who tragically lost everything.

The Dangerous Illusion of the Air Gap

A central theme was the inevitability of a rogue wireless device entering sensitive areas. According to Brett, “Unless you’re monitoring continuously, you have a wireless in your environment you don’t know about,” which Bill echoed with “100% certainty.”

  • Shadow Devices: AI data centers’ operational complexity relies heavily on undocumented, legacy, and shadow wireless devices that traditional SecOps can’t see.
  • Beyond Wi-Fi: BLE (Bluetooth Low Energy), Zigbee controls and sensors, LoRaWAN remote facility monitoring, and Rogue Cellular towers and hotspots all bring racks to the outside world.
  • Advanced Spyware: Interfaces can be remotely hijacked, turning a trusted employee’s phone into a remote RF attack platform.

Attackers’ Advantage: Exponential Vulnerability

The conversation highlighted that the assets protected in these facilities are under immense threats from wireless CVEs

  • Independent Growth: Wireless CVEs have grown over 230x since 2010.
  • Why Wireless? When you look at wireless versus overall CVEs, wireless threats are expanding 20x faster as more and more devices are enabled with RF capabilities like Bluetooth and Wi-Fi.
  • Exponential Moment: In both 2024 and 2025, we saw a 25% increase in wireless CVEs – an explosive spike happening now that hasn’t happened before.

Strategic Takeaways and Solutions

The panel concluded that attempting to secure a megawatt AI factory with legacy wired-only security postures is impossible. The industry standard is shifting toward active RF visibility and analytics.

  • Cyber Asset Attack Surface Management: You need to find the unknown, automatically inventory every RF-emitting device across the facility, and categorize risk.
  • Segment the Airspace: Trust nothing, verify everything. Extend Zero Trust beyond the wire with legacy device quarantines, and lateral movement prevention.
  • Continuous WIDS & SecOps Integration: Real-time anomaly detection is crucial with the speed of attackers and the value of data at risk.

Transcript

Here is the cleaned-up and corrected transcript, organized into logical paragraphs and formatted for easy reading.

Welcome and Introduction

Brett Wachenhorst: Welcome, everyone, to today’s webinar. I am Brett Wachenhorst, CTO at Bastille Networks, and I’m joined by Bill Kleinman, CEO of Apollo. Today, we will be discussing the invisible attack surface—particularly securing AI data centers from wireless threats. Welcome, Bill.

Bill Kleinman: Thank you, Brett. I love the calm, peaceful tone you started with, especially since we are discussing something as serious as securing AI, data centers, and wireless threats. If there is an emergency, I would definitely want your voice telling everyone not to panic! We are going to go off-script a bit today. Brett and I love an interactive audience, so if you have a question or a comment, please pop it in the Q&A, and we will try to tackle those at the end.

Thank you for having me. I am the CEO of Apollo and the executive chair of data center programs over at Informa, where I help put on the Data Center World conference. While this topic might make you slightly uncomfortable, I encourage you to grab at least one golden nugget from this webinar and act on it. Ask a question and start a conversation because our industry is experiencing a massive moment of growth, bringing both benefits and serious security implications.

The Power Shift in the Data Center

Brett Wachenhorst: Thanks, Bill. We have been talking about wireless security here at Bastille for a long time. However, as data centers evolve and AI becomes the central operational focus, the story is changing. My background is in electrical engineering and wireless signal processing, so I like to look at the physics and protocols operating at the lowest levels to understand these threats.

Bill Kleinman: To understand the threat, we have to look at how much our infrastructure has changed. For the past ten years, I’ve authored the AFCOM State of the Data Center Report. In 1998, a standard rack consumed one kilowatt (kW) of power—you could cool it with a box fan and optimism. Ten years ago, the average rack density was 6.1 kW. Last year, it was 16 kW per rack. This year, we are seeing a 69% to 70% jump year-over-year.

Recently, Jensen Huang unveiled the NVL 576, which consumes 600 kW for a single rack. This isn’t just a power shift; it’s a capital shift. These facilities are now processing some of the world’s most valuable assets, moving from $5,000 servers to $500,000 servers. This exponential increase in value is going to attract attackers.

Brett Wachenhorst: Every data center is going to become an AI data center. It just depends on how quickly you get there and what systems you have to support it.

The New Threat Landscape and the Illusion of the Air Gap

Bill Kleinman: For nine years in a row, the AFCOM report showed ransomware and data exfiltration as the top concerns. But this year, for the first time in a decade, human threats—both accidental and malicious, from internal or external sources—have overtaken ransomware as the number one threat category. The perimeter is no longer just gates, fences, or the physical building. Operators have to look at how the perimeter is being bypassed, including threats coming from the sky.

Brett Wachenhorst: We aren’t downplaying ransomware, but the human factor is becoming massive. Because we are largely blind to how the perimeter is being bypassed, we often rely on the illusion of the air gap. Organizations assume they have minimized the wireless footprint within their data halls, but in every customer facility where Bastille has been deployed, we always find way more wireless activity than expected. Even with strict policies, unauthorized items make their way in.

Furthermore, even intentionally placed, secure wireless devices project signals that propagate right through the walls of your facility, expanding your perimeter far beyond the physical building. If you aren’t monitoring the wireless environment, you simply don’t know what is there.

The Unseen Wireless Landscape

Bill Kleinman: Every organization will experience some kind of malicious event, but whether it results in data loss depends on your visibility and architecture. Alongside Shadow IT and Shadow AI, we are now dealing with shadow wireless devices. Hope is not a good strategy. I once knew of a newly constructed data center where a contractor maliciously left paperclips near critical power phase connections. If the facility had been electrified before those were discovered, the outcome would have been catastrophic.

We face similar risks with the unseen wireless landscape. Contractors, visitors, or malicious actors can easily leave behind small, easily hidden rogue devices—like tiny Wi-Fi access points or Bluetooth Low Energy (BLE) trackers.

Brett Wachenhorst: The sheer volume of available devices makes this incredibly easy. There are an estimated 20 billion Wi-Fi interfaces and upwards of 80 billion Bluetooth interfaces in the world today. Inside a typical data hall, you might find smart PDUs, biometric scanners, unmanaged IoT devices, smartphones, smartwatches, and wireless earbuds. All these devices are constantly emitting signals, allowing anyone close enough to map networks, conduct surveillance, and identify targets.

Smartphone Spyware and AI-Accelerated Attacks

Brett Wachenhorst: Smartphones are particularly dangerous because they speak multiple protocols. If an attacker compromises a device via Bluetooth, they can pivot to Wi-Fi or cellular networks. Smartphone spyware, often utilizing “zero-click” attacks where no user interaction is required, can drop a payload that turns the device into a complete surveillance tool. These highly sophisticated capabilities, once reserved for nation-states, are now in the hands of Advanced Persistent Threats (APTs).

Bill Kleinman: The advent of Generative AI has made this even more dangerous. Tools like ChatGPT or Claude make it fundamentally easier to create multi-homed Trojan horses. Malicious actors can position a device, scan for outdated wireless firmware, and use an LLM to instantly write custom injection or exfiltration scripts. The timeline from observation to action has collapsed drastically. Data isn’t stolen in weeks or months anymore; it’s gone in hours.

Physical Breaches and Vulnerability Growth

Brett Wachenhorst: A prime example of bypassing physical security is the use of drones. A few years ago, a drone landed on the roof of a target facility and used its payload to conduct a wireless attack, penetrating the network from above without ever crossing a physical door. According to a recent Bastille threat report tracking data from 2010 to 2025, wireless CVEs (Common Vulnerabilities and Exposures) have grown 230 times their original volume, which is 20 times faster than the overall CVE growth rate. Offensive researchers and threat actors are paying close attention to this space.

We recently observed a scenario where an actor brought a mobile hotspot into a data hall, connected a small dongle to a server rack, and established an ongoing exfiltration path using the hotspot’s cellular connection. Unless you have visibility into the RF spectrum, this simple bypass goes completely unnoticed.

Bill Kleinman: Radio frequency (RF) is now a critical part of your security perimeter. We must ask ourselves: how prepared are we for a drone landing on the roof? As our industry scales into new locations, we cannot let attackers get ahead of us.

The Cost of Blind Spots and Defensive Strategies

Bill Kleinman: The average cost of a data breach in the U.S. is $10.2 million. However, global IP theft is a multi-billion-dollar industry. If an enterprise loses its intellectual property, the cost can range from $100 million to a billion dollars. There are documented cases where data centers lost absolutely everything due to ransomware and improperly secured architectures. While a data breach is a financial event, IP loss is an existential one.

Brett Wachenhorst: The solution starts with closing the visibility gap. There are three main pillars to this defense:

  1. Cyber Asset Attack Surface Management (CAASM): Identify what devices are out there and what your wireless technical debt looks like.
  2. Segmentation and Zero Trust: Apply zero-trust principles to the wireless attack surface. Trust nothing and verify everything.
  3. Continuous Monitoring: Integrate RF spectrum scanning with your existing SecOps workflows to identify and mitigate anomalous behavior in real time.

Audience Q&A and Conclusion

Brett Wachenhorst: We have a few questions coming in. For the students listening today, the most important takeaway is to adopt Zero Trust principles. Understand what is on your network, but only grant it the access it absolutely needs to function.

Regarding drone threats, you can expand physical security with radar designed for small airspace objects, and employ RF spectrum scanning to detect the malicious wireless emissions coming from the drone itself. Finally, to close the wireless visibility gap for unmanaged devices, you must continuously monitor the airwaves. You cannot just rely on traditional intrusion detection; you need radios scanning the spectrum and analytics making sense of those emissions.

Bill Kleinman: To conclude, I encourage everyone to ask whether you are protecting the very things that make your business worth defending in the first place. When your intellectual property walks out the door, you lose years of innovation, future revenue, and your competitive advantage. Keep asking those difficult questions and take steps to illuminate your blind spots.

Brett Wachenhorst: You said that perfectly, Bill. I don’t want to add anything to mess it up! Thank you so much for your perspectives, and thank you to everyone for joining us today.

We’d love to show you around

Learn how Bastille can help you prepare you for today’s ever-growing wireless threat landscape, and schedule a demo and we’ll be in touch shortly.