The fast-paced, hands-on simulation is designed to sharpen incident response and defense strategies against attacks on water and electricity utilities.
Semperis, a provider of AI-powered identity security and cyber resilience, today announced that Marcus Hutchins, the cybersecurity industry icon who stopped the 2017 WannaCry cyberattack, will be joining Operation Blindspot, a high-stakes red team/blue team cyber crisis simulation taking place at Black Hat, Tuesday, August 5, 2025.
Operation Blindspot is a tabletop exercise exploring the effects of a simulated cyberattack on a fictional water utility. Recent Semperis research on The State of Critical Infrastructure Resilience shows that 62% of water and electricity utilities in the U.S. and UK were targeted by a cyberattack in the past year.
“I am thrilled to take part in Operation Blindspot because defending critical infrastructure against nation-state threats is one of the toughest challenges we face. Exercises like this are invaluable. They not only help defenders on the front lines preparing and preventing attacks but they also shed a positive light on so many unsung heroes defending their organizations from threat actors,” said Hutchins.
Participating in the exercise will be teams comprised of incident responders, security analysts, threat analysts, the FBI, the Las Vegas Police and the Cybersecurity Infrastructure and Security Agency (CISA). The goal of Operation Blindspot is to use peacetime to improve battle readiness, coordination and response times so that incident responders are fully equipped to manage real-world cyberattacks with greater speed and confidence.
“Cyberattacks don’t check your calendar. They hit when you’re at your weakest,” said Marty Momdjian, Semperis EVP, Ready1 and the Operation Blindspot facilitator. “Recent Semperis research shows that more than 70 percent of organizations faced at least one high-impact cyber event last year that halted business functions. Yet many of them still have disjointed response plans in place. In moments of crisis, it’s not about rising to the occasion, but falling back on the strength of your preparation.”
“Many public utilities likely don’t realize that China has infiltrated their infrastructure,” said Chris Inglis, the first U.S. National Cyber Director and Semperis Strategic Advisor. “Chinese-sponsored threat actors like Volt Typhoon are known to prefer Living off the Land attacks, which are difficult to detect and can remain dormant, planting backdoors, gathering information, or waiting to strike for months or even years.”