🐾3Dogs NexusStructured Decision Intelligence
Case study · critical infrastructure under ransomware

Pay the ransom, or rebuild? 23 AI models split 10-to-9.

A regional water utility serving 420,000 people is locked out of its control systems by ransomware. Pay the $18M — or refuse and rebuild? We put it to 23 AI models across three clouds. They split 10-to-9. The recommendation: refuse.

1,036
API calls in one analysis
23
AI models · 11 vendors
3
clouds: AWS · Azure · Google
18 min
end to end
12
analysts changed their minds
The decision on the table: A regional municipal water utility serving 420,000 people is locked out of its SCADA control systems by ransomware, with a four-day deadline to pay an $18M demand. Pay to restore operations fast — or refuse and rebuild — while public safety, OFAC sanctions law, cyber-insurance uncertainty and weeks of manual operations all hang in the balance?
Case 2026-0053 · production Critical infrastructure · municipal water July 14, 2026
Act 1 · The trap

A simple yes/no that hides six colliding pressures

"Should we pay?" sounds like a one-line decision. It isn't. A ransom call on critical infrastructure forces a board to balance public safety, sanctions law, insurance, engineering reality and human endurance simultaneously — under a countdown clock. The scenario mirrors real incidents: Colonial Pipeline, municipal water systems, and hospital and city-government ransomware. No detail in the prompt hinted at a "right" answer.

1

Public safety vs. the clock

420,000 people depend on the water supply. Paying may restore control fastest — but a fast decision made under a four-day deadline is exactly when boards make expensive mistakes.

2

The law may make "pay" illegal

Paying a possibly-sanctioned criminal group can violate OFAC rules. Whether this actor is on a sanctions list — and whether payment is even lawful — was a decisive unknown, not a footnote.

3

Manual operations buy time — and become the risk

Refusing means running SCADA by hand for weeks to months. That keeps the water flowing now, but operator fatigue, human error and maintenance debt compound the longer systems stay down.

The engine · a multi-cloud run

23 models. 11 vendors. Three clouds. One debate.

This analysis ran on the platform's multi-cloud architecture: AI models from AWS Bedrock, Microsoft Azure AI Foundry and Google Vertex AI orchestrated inside a single decision pipeline — one of the first published cases to span all three clouds. Every model below appears in the run's per-call metering log — 1,036 metered calls in total.

AWS Bedrock18 MODELS
Amazon Nova ProAmazon Nova LiteAmazon Nova 2 LiteAmazon Nova Micro Mistral Large 3Mistral Pixtral Large Meta Llama 4 Maverick Alibaba Qwen3-235BAlibaba Qwen3-Next-80BAlibaba Qwen3-32B NVIDIA Nemotron Super 3 OpenAI gpt-oss-120B Moonshot Kimi K2.5 Z.AI GLM-5 Google Gemma 3 27BGoogle Gemma 3 12BGoogle Gemma 3 4B Writer Palmyra X5
Microsoft Azure3 MODELS
OpenAI GPT-5 mini xAI Grok 4.2 Moonshot Kimi K2.6

Grok 4.2 held the Contrarian seat and dissented from the final recommendation.

Google Vertex AI2 MODELS
Google Gemini 2.5 Pro Google Gemini 2.5 Flash-Lite

Gemini 2.5 Pro served as one of the rotating ensemble coordinators.

Rotating coordinators: orchestration of the ensemble panels rotated across foundation models from different vendors — Mistral Large 3, Amazon Nova Pro and Google Gemini 2.5 Pro — so no single model's leadership style or bias sits permanently in the chair. Different analysts debating and different coordinators running the debates.
Act 2 · The run

A 19-seat panel. Twelve changed minds. A 10–9 verdict.

The final deliberation panel seated 19 analysts, each holding a dedicated role — risk officers, financial stress-testers, regulatory and sanctions specialists, long-horizon forecasters, devil's advocates. The strongest sign the debate is real: analysts moved. Twelve shifted position during the deliberation, and the panel finished split almost down the middle.

The call — from the delivered report
"REFUSE the ransom — launch phased SCADA restoration immediately."
PROCEED — refuse to pay, and begin a phased SCADA restoration; secure OFAC/legal clearance and confirm cyber-insurance coverage in parallel, with a sustainable manual-operations plan for the recovery window.
How the final 19-analyst panel voted · Moderate confidence
10 proceed-with-conditions9 reject
The dissent, on page one: a 9-seat minority held that the refuse-and-rebuild path carried unacceptable operational risk — a restoration that historically runs 2 weeks to 5 months under manual operations, with public-safety exposure and operator fatigue mounting the longer systems stay down. Named, argued, and printed alongside the recommendation.

The disagreement was structural, not incidental. The platform's three mandatory adversarial seats each pushed against the majority — the point of those seats is to make sure a near-even call never gets rounded up into false consensus.

Nova Pro
Devil's Advocate
Dissented — reject
Argued the manual-ops recovery window exposed the utility to more risk than a controlled payment path.
Nemotron Super 3
Risk Officer
Dissented — reject
Held that operator fatigue and human-error risk over a months-long restoration were underweighted.
Grok 4.2
Contrarian
Dissented — reject
Challenged the assumption that refusal was clearly safer for a system 420,000 people depend on.
The standout insight — manual operations are both the solution and the risk. They buy time immediately, keeping water flowing while systems are rebuilt. But over weeks the operator-fatigue, human-error and maintenance-debt curve becomes the dominant threat. That second-order, systems-level read of the situation — not a restated pros-and-cons list — is exactly what strategic intelligence should surface.
Discipline under pressure. Presented with criminals, millions of dollars and critical infrastructure, the panel never drifted into "movie solutions," offensive cyber or vigilantism. It weighed only lawful, board-available courses of action — the disciplined behavior a real executive committee is supposed to hold to.
Act 3 · The evidence discipline

Every claim is tagged for what supports it

A decision-maker shouldn't have to guess which statements are backed by research and which are assumptions. Findings are labeled VERIFIED / INFERRED / ASSUMED / UNKNOWN so the evidentiary weight of the recommendation is visible — and so the questions the system genuinely couldn't answer are surfaced, not buried.

VERIFIEDRestoration timelines are the crux

"SCADA ransomware recovery takes 2 weeks to 5 months" — verified against real municipal incidents in Middletown, Dallas, Atlanta, Suffolk County and Baltimore. That range is what makes the manual-operations window the decisive risk.

INFERREDThe real threat is duration, not the ask

Inferred from the incident record: the ransom figure is not the binding constraint — the length and manageability of the recovery period is. The recommendation is built around shortening and stabilizing that window.

VERIFIEDThe clarification loop earned its keep

Rather than assume, Discovery asked for what it actually needed before deciding: OFAC/sanctions legal clearance, whether the $25M cyber-insurance policy covers this attack, and whether manual operations are sustainable for 4–9 months. Those answers materially moved analysts.

VERIFIEDDissent preserved, not averaged

The report documents the near-even 10–9 split, why twelve analysts changed position, and which risks remain unresolved — instead of forcing a false consensus. The strong pay-side minority is on the record.

The delivered report

Case 2026-0053, exactly as delivered: the plain-language call, the conditions, the 10–9 panel vote, and the named dissent on page one. 1,036 API calls · 23 AI models · 18 minutes.