The £300M Question: Are Your AI Systems Ransomware-Ready?

M&S Lost £300M. Co-op "Yanked Their Own Plug." Both Face the Same AI Challenge.
Pattern matching detects threats it already recognises, while pattern mismatching flags activity that deviates from a system's established baseline, and AI-dependent organisations need both because attackers now evolve faster than known signatures can be catalogued. In April 2024, DragonForce ransomware attacks hit M&S, Co-op, and Harrods within weeks. The damage was stark: M&S suffered around £300 million in losses, while Co-op avoided ransomware deployment by shutting down systems immediately, though hackers still claimed to steal data from 20 million customers.
As the attackers told the BBC: "Co-op's network never suffered ransomware - they yanked their own plug, tanking sales, burning logistics and torching shareholder value."
Both companies now face the same critical question: How do you rebuild AI-dependent operations after ransomware?
The Hidden Challenge: AI Systems in Modern Retail
Supermarkets are classified as critical national infrastructure, with huge retail footprints and just-in-time supply chains making any system disruption potentially catastrophic. But what isn't widely understood is how AI-dependent these operations have become:
Supply Chain Intelligence: AI predicts demand, optimizes inventory, manages logistics
Payment Processing: AI detects fraud, processes transactions, manages customer data
Customer Experience: AI personalizes recommendations, manages loyalty programs, optimizes pricing
Security Monitoring: AI systems monitor for threats, analyze patterns, manage access controls
When ransomware hits, these AI systems are compromised, shut down, or require complete rebuilding.
The "Yank the Plug" Dilemma
Co-op's decision to immediately shut down systems prevented ransomware deployment but created massive operational disruption. Visits to stores found M&S shelves well-stocked while Co-op's were "practically bare" - illustrating the operational cost of rapid system shutdown.
The strategic dilemma: Fast shutdown prevents ransomware but destroys AI-dependent operations. Slower response allows deeper system compromise but maintains operational continuity longer.
Either way, you face the same challenge: rebuilding AI systems you can trust.
Why Traditional Security Misses the AI Recovery Challenge
Modern ransomware groups like DragonForce use sophisticated techniques including Cobalt Strike, lateral movement tools, and encrypted payloads derived from LockBit and Conti codebases. Security teams focus on detecting and preventing these intrusions.
But ransomware recovery requires different capabilities:
Post-Attack AI Validation: How do you verify rebuilt AI systems aren't compromised or biased?
Compliance Verification: Can you prove your reconstructed AI systems meet regulatory requirements?
Operational Trust: How do you know your AI-driven supply chain, payment processing, and customer systems are functioning correctly?
Stakeholder Confidence: Can you demonstrate to regulators, customers, and shareholders that your AI operations are secure and compliant?
The Pattern Matching vs. Behavioural Intelligence Gap
Traditional security tools excel at detecting known attack patterns, but sophisticated ransomware groups continuously evolve their techniques. The Scattered Spider group behind these attacks has previously hit MGM, Twilio, Coinbase, and other major organizations, constantly adapting their approach.
For AI systems, this creates a fundamental blind spot:
During Attack: Security tools may detect ransomware deployment but not AI system manipulation
During Recovery: Traditional monitoring can't validate that rebuilt AI systems are functioning correctly
Post-Recovery: Standard security doesn't verify AI compliance, fairness, or regulatory adherence
Real-World Consequences: The £440M Impact
The UK Cyber Monitoring Centre estimated that attacks on M&S and Co-op could cost up to £440 million combined. But this figure only captures immediate operational losses, not the long-term risks of compromised AI systems:
Regulatory Penalties: EU AI Act penalties reach up to EUR 35 million or 7% of global turnover for the most serious breaches
Customer Trust: AI bias or privacy violations can destroy brand value built over decades
Operational Risk: Compromised AI systems can make poor decisions for months before detection
Competitive Disadvantage: Slower AI recovery means competitors gain market advantage
The AI-Ready Ransomware Defence Strategy
Immediate Response Capability:
Rapid AI System Assessment: Quickly evaluate which AI systems are compromised vs. salvageable
Priority Recovery Planning: Identify critical AI functions for fastest restoration
Compliance Validation: Ensure rebuilt systems meet regulatory requirements from day one
Post-Attack AI Verification:
Behavioural** Analysis**: Verify AI systems are making decisions correctly after restoration
Bias Detection: Ensure AI systems haven't been manipulated to discriminate or behave unfairly
Regulatory Compliance: Provide evidence-based documentation that AI systems meet legal requirements
Stakeholder Assurance: Demonstrate to customers, regulators, and investors that AI operations are trustworthy
An AI-Ready Approach to Ransomware Recovery
Traditional cybersecurity focuses on preventing and detecting attacks. AI compliance requires validating and verifying rebuilt systems work correctly.
In our advisory work, this means:
Post-Recovery Validation: Structured assessment across Transparency, Accountability, Fairness, Privacy, Safety, Security, and Social Impact dimensions
Behavioural Assessment: Testing designed to detect subtle AI manipulation that might survive ransomware recovery
Regulatory-Ready Documentation: Compliance evidence that satisfies regulators and auditors about AI system integrity
Independent Validation: Advisory review that sits apart from the cybersecurity vendors and AI implementation firms who rebuilt the system, giving an independent check on post-attack integrity
Strategic Implications for Retail Leadership
The New Reality: The hacking group behind Co-op told the BBC they had "put UK retailers on the Blacklist", while Google warned that US retailers may be next targets.
Risk Assessment Questions:
For CISOs: Can you verify AI system integrity after ransomware recovery?
For CTOs: How quickly can you rebuild trusted AI operations post-attack?
For Chief Risk Officers: What's your regulatory exposure if recovered AI systems violate compliance requirements?
For CEOs: Are you prepared for the operational and reputational costs of compromised AI recovery?
The Competitive Advantage of AI-Ready Recovery
Co-op's proactive shutdown was widely seen as an effective containment strategy, but it created massive operational disruption. M&S maintained operations longer but suffered deeper system compromise.
Organizations with AI-ready ransomware recovery capabilities can:
Respond Faster: Quick assessment of AI system damage enables targeted recovery
Rebuild Stronger: Ensure post-attack AI systems are more resilient and compliant than before
Maintain Trust: Provide stakeholder assurance that operations are secure and regulatory-compliant
Competitive Advantage: Resume full AI-enhanced operations while competitors struggle with basic recovery
Beyond Traditional Incident Response
The CMC classified the M&S and Co-op attacks as a "Category 2 cyber hurricane" with "narrow and deep" impact, warning that business interruption costs can be extreme.
Traditional incident response asks: "How do we restore operations?" AI-ready recovery asks: "How do we rebuild operations we can trust?"
This requires specialized capabilities beyond conventional cybersecurity:
AI System Forensics: Understanding what happened to AI decision-making processes
Compliance Reconstruction: Rebuilding AI systems that meet regulatory requirements
Behavioral Validation: Ensuring AI systems perform correctly after reconstruction
Evidence Generation: Documenting AI system integrity for regulators and stakeholders
Ready to Build Ransomware-Resilient AI Operations?
The uncomfortable truth: Experts warn that attackers try for months before finding a way in, so recent breaches may be the result of long-simmering vulnerabilities finally surfacing.
The opportunity: Organizations that prepare AI-ready ransomware recovery gain significant competitive advantages in response speed, regulatory confidence, and operational resilience.
Assess your AI ransomware readiness now.
Talk to us about an AI Recovery Readiness Assessment. We'll help you identify specific vulnerabilities in your current approach and set out a roadmap for ransomware-resilient AI operations.
Talk to Us About an AI Recovery Assessment →
Critical Questions for Your Crisis Planning:
Immediate Response: Which AI systems can you afford to lose vs. which must be preserved?
Recovery Priority: How do you rebuild customer-facing AI systems while maintaining regulatory compliance?
Stakeholder Confidence: Can you demonstrate to regulators that your rebuilt AI systems are trustworthy?
Competitive Position: Will your AI recovery be faster and stronger than competitors facing similar attacks?
Contact us for support with ransomware resilience.
VerityAI is a UK-based independent AI governance advisory. When ransomware hits your AI-dependent operations, we provide the specialised validation and verification advisory that traditional cybersecurity cannot deliver.
This is the kind of work our our AI governance practice handles.
Frequently asked questions
What is the difference between pattern matching and pattern mismatching in threat detection?
Pattern matching identifies threats by comparing activity against known attack signatures, so it catches what it has seen before. Pattern mismatching, sometimes called anomaly detection, flags activity that deviates from a system's normal baseline, which allows it to catch novel or evolving attacks that no signature yet describes.
Why do AI systems need both detection approaches after a ransomware attack?
A rebuilt AI system needs pattern matching to rule out known malicious code, and pattern mismatching to confirm the system is behaving the way it did before compromise. Relying on only one leaves a gap: known threats can slip past mismatching, and unknown manipulation can slip past matching.
Can traditional cybersecurity tools validate a rebuilt AI system?
Traditional cybersecurity tools are built to detect intrusions and malware, not to verify that an AI system's decision-making is functioning correctly after recovery. Validating a rebuilt AI system requires behavioural testing against the system's expected outputs, which sits outside what conventional security monitoring checks.
What should a business ask before declaring its AI systems recovered from a ransomware incident?
A business should confirm the rebuilt systems have been tested for behavioural consistency with pre-attack performance, checked for signs of manipulation or bias introduced during compromise, and documented in a way that would satisfy a regulator asking for evidence of due diligence.

Sotiris Spyrou
Sotiris Spyrou is the founder of VerityAI, a Responsible AI advisory for boards and AI-deploying businesses. With 27 years across agencies, global in-house roles, and the C-suite, he advises leaders on AI governance and risk, and on answer-engine visibility engineered without the dark patterns the rest of the industry is getting penalised for. He is the author of TRANSFORM, AI Moats, and Ethical AI.
Founder at VerityAI