A regional water utility serving 420,000 people is locked out of its control systems by ransomware. Pay the $18M — or refuse and rebuild? We put it to 23 AI models across three clouds. They split 10-to-9. The recommendation: refuse.
"Should we pay?" sounds like a one-line decision. It isn't. A ransom call on critical infrastructure forces a board to balance public safety, sanctions law, insurance, engineering reality and human endurance simultaneously — under a countdown clock. The scenario mirrors real incidents: Colonial Pipeline, municipal water systems, and hospital and city-government ransomware. No detail in the prompt hinted at a "right" answer.
420,000 people depend on the water supply. Paying may restore control fastest — but a fast decision made under a four-day deadline is exactly when boards make expensive mistakes.
Paying a possibly-sanctioned criminal group can violate OFAC rules. Whether this actor is on a sanctions list — and whether payment is even lawful — was a decisive unknown, not a footnote.
Refusing means running SCADA by hand for weeks to months. That keeps the water flowing now, but operator fatigue, human error and maintenance debt compound the longer systems stay down.
This analysis ran on the platform's multi-cloud architecture: AI models from AWS Bedrock, Microsoft Azure AI Foundry and Google Vertex AI orchestrated inside a single decision pipeline — one of the first published cases to span all three clouds. Every model below appears in the run's per-call metering log — 1,036 metered calls in total.
Grok 4.2 held the Contrarian seat and dissented from the final recommendation.
Gemini 2.5 Pro served as one of the rotating ensemble coordinators.
The final deliberation panel seated 19 analysts, each holding a dedicated role — risk officers, financial stress-testers, regulatory and sanctions specialists, long-horizon forecasters, devil's advocates. The strongest sign the debate is real: analysts moved. Twelve shifted position during the deliberation, and the panel finished split almost down the middle.
The disagreement was structural, not incidental. The platform's three mandatory adversarial seats each pushed against the majority — the point of those seats is to make sure a near-even call never gets rounded up into false consensus.
A decision-maker shouldn't have to guess which statements are backed by research and which are assumptions. Findings are labeled VERIFIED / INFERRED / ASSUMED / UNKNOWN so the evidentiary weight of the recommendation is visible — and so the questions the system genuinely couldn't answer are surfaced, not buried.
"SCADA ransomware recovery takes 2 weeks to 5 months" — verified against real municipal incidents in Middletown, Dallas, Atlanta, Suffolk County and Baltimore. That range is what makes the manual-operations window the decisive risk.
Inferred from the incident record: the ransom figure is not the binding constraint — the length and manageability of the recovery period is. The recommendation is built around shortening and stabilizing that window.
Rather than assume, Discovery asked for what it actually needed before deciding: OFAC/sanctions legal clearance, whether the $25M cyber-insurance policy covers this attack, and whether manual operations are sustainable for 4–9 months. Those answers materially moved analysts.
The report documents the near-even 10–9 split, why twelve analysts changed position, and which risks remain unresolved — instead of forcing a false consensus. The strong pay-side minority is on the record.
Case 2026-0053, exactly as delivered: the plain-language call, the conditions, the 10–9 panel vote, and the named dissent on page one. 1,036 API calls · 23 AI models · 18 minutes.