This workshop involves an interactive, governance-level crisis simulation where participants' decisions determine the outcome of a high-stakes EU scenario. In the run-up to a major holiday period, compromised software updates trigger ransomware, disrupting rail and port logistics across two EU member states. Services fail and safety concerns rise, while attribution remains uncertain - organised crime or a state actor? The scenario unfolds in a series of fast-paced, timed rounds with live QR code polling on participants' phones, displaying results instantly to inform the next move. Under escalating pressure, participants must navigate ransom demands and uncertain attribution, make defensible decisions regarding legal obligations, develop public messaging strategies, decide whether to act nationally or coordinate at EU level and consider recovery options that may trade speed for sovereignty by relying on non-EU tools. After each vote, a moderated expert panel unpacks the implications for security, compliance, fundamental rights and strategic autonomy.