Skip to main content
CybersecurityHacking

Cybersecurity Teams Face Simulated Supermarket Cyber-Attack Test

Cybersecurity team members respond to simulated cyber-attack in empty supermarket aisle.

"Retail is a target and everybody knows that. Often, they will pay a ransom because they want to get back running quickly. That’s why retail is often a strong target," Guido Grillenmeier, principal technologist at Semperis, told Infosecurity.

Semperis brings an immersive tabletop to Infosecurity Europe

On Wednesday 3 June, Semperis will run "Enter the War Room: A Tabletop Experience" at Infosecurity Europe 2026 — a 90‑minute, red team versus blue team tabletop exercise that drops participants into a simulated, fast‑moving, multi‑stage cyber‑attack against a fictional supermarket called "BlueCart." Semperis presents the event as an immersive roleplaying simulation rather than a live hacking exercise; the aim is to give cybersecurity professionals the experience of working in a realistic, high‑impact environment without executing real intrusions.

BlueCart: an AI supply‑chain trigger in the scenario

The BlueCart scenario is explicitly modelled on recent real incidents. Semperis says the fictional retailer is "a modern company that is utilizing a new AI system for its supply chain management" and that the system "has just announced that it is going live, which has got the attention of the bad guys," Grillenmeier told Infosecurity. That plot point is central to the exercise: organisers intend to simulate attacks that mirror what "real retailers have faced" and to test how teams respond when a high‑profile technology change draws adversary focus.

Spring 2025 attacks that inspired the exercise

The tabletop draws from a pair of disruptive incidents in Spring 2025, when UK retailers Co‑op and Marks & Spencer were hit by ransomware attacks. According to Infosecurity, those incidents left shelves empty and caused system outages that, in some instances, meant customers could not pay for items that were in stock. The attacks were attributed to the hacking groups Scattered Spider and "The Com," and Infosecurity reports the incidents cost both retailers "hundreds of millions of pounds."

Who will participate and what they will test

Participants in the tabletop will work alongside "reformed hackers and defenders from the UK government, law enforcement and the private sector." Teams will be tasked with stress‑testing detection and decision‑making, as well as cross‑functional communication and executive escalation under pressure. Semperis frames the exercise as an opportunity to identify exposed blind spots and to sharpen crisis playbooks for participants' own organisations.

What this means for cybersecurity teams, UK retailers, and customers

  • Cybersecurity teams: the exercise offers a concentrated environment to rehearse detection, communication and escalation procedures, and to "reflect that to your own environment" to see how a similar incident might play out in their networks, Grillenmeier said.
  • UK retailers: the Spring 2025 examples underline that outages can produce immediate operational pain — empty shelves and payment failures — and large financial consequences, with costs reported in the "hundreds of millions of pounds."
  • Customers: as the earlier incidents show, cyber‑attacks against retail infrastructure can directly affect the public's ability to buy goods and complete transactions, even when items remain physically available on shelves.

Semperis will be at Infosecurity Europe at booth #B118. Courtney Guss, Semperis Director of Crisis Management, will speak on "Compliance at the Speed of a Crisis: A Practical Framework and Approach to Meeting Global Regulatory Requirements under Pressure" on the Cyber Strategies Stage at 10:35 on Tuesday 2 June. Semperis will also host a panel titled "The Importance of Human Resilience During Cyber War: Inside the Making of 'Midnight in the War Room'" at 16:30 on the Resilience and Cyber Risk stage the same day.

Visitors to Infosecurity Europe 2026 can sign up to take part in Enter the War Room. Read the original Infosecurity story here: https://www.infosecurity-magazine.com/news/infosecurity-europe-semperis/