Andy, you raise some excellent points. While I don't know, my guess would also be that the facilities are not ready for a military-style attack. As we've seen throughout the world, you don't need a government military to carry out a military-style attack. Another valid point is that because of the scale of these facilities, they are much more of a high-value target than most companies. Attacks on infrastructure aren't unheard of in the world today, and this falls into that category. This type of target also has the potential to impact a large number of companies all at once. I don't claim to understand the many different goals of terrorism in the world, but these large and valuable facilities would seem to fit the bill.
Of course, an event like this would likely be categorized as an "act of war", which brings me to another type of terrorism - the lawyers. The terms and conditions documents and contracts are unbelievable. The essentially exist to indemnify the host corporation and absolve them of any and all responsibility for anything. I understand the overly-litigious nature of business today makes things ridiculous for anyone to do business, but denying responsibility for absolutely everything makes it a hard pill to swallow when you're asked to spend so much for a service. Most companies act well, but by the time the bad ones are discovered, how many people have lost their data and have no hope of recovery because they thought it was being taken are of?
Great article, Andy.