Protecting cargo in a digital world: understanding the new cyber theft endorsement

The pervasive effects of cyber crime are being increasingly felt across many industries in Australia, both operationally and financially. They have developed from unitary data breaches to highly complex attacks that disrupt entire systems. In the marine industry, cyber crime is now enabling wide scale cargo theft. As global supply chains become ever more digitalised, hackers possess the capability to tamper with booking platforms, container release codes, and routing information, creating opportunities for real-world cargo theft on a much larger scale.

For cargo owners this raises a critical question - does your insurance protect you against theft facilitated by a cyber breach?

On the 28^th of October, the Joint Cargo Committee (JCC) in London introduced the Marine Cargo Cyber Exclusion with Physical Theft Confirmation Endorsement (JC2025‑026). This new wording introduces much-needed clarity around cyber theft and coverage in the marine insurance market. Cyber-related losses remain excluded, however physical theft of insured goods is confirmed as covered, even if a cyber attack was part of the process.

The evolution of cyber-enabled theft

The evolution of cargo theft has been dramatic, particularly in the last few years, owing to the greatly heightened sophistication of cyber-enabled attacks. Gone are the days when criminals relied solely on physical break-ins or manual cargo interception. Today, organised groups use complex digital tools to infiltrate even the most advanced logistics systems, manipulate container release codes, and even reroute entire shipping corridors. This makes theft far less traceable, meaning these attacks often go undetected until the goods have completely vanished.

This convergence of cyber and physical risk meant that there was a pressing need for traditional insurance wordings, written and designed for the pre-digital era, to catch up and align with today’s evolving risk landscape.

Why did the market need to change?

Since 2018/19, most marine cargo policies included Marine Cyber Endorsement LMA5403, which broadly excluded losses “directly or indirectly” caused by cyber events. SALT, along with the wider marine market, currently incorporate Marine Cyber Endorsement LMA 5403 in our cargo quotes and policy wordings.

Since its adoption this language has sparked widespread concern: could a theft claim be denied if hackers facilitated access? It left potential for the wording to be construed, excluding what may otherwise be considered recoverable under a standard marine cargo policy as physical loss or damage of the insured goods by theft.

Our interpretation and belief remain that the intention of those drafting Marine Cyber Endorsement LMA 5403 was not to preclude losses by theft. This prevalent ambiguity therefore prompted a thorough review by the JCC.

What does the new endorsement mean for the marine industry?

The JCC in London has produced a Marine Cargo Cyber Exclusion with Physical Theft Confirmation Endorsement JC2025-026, which directly addresses this problem. Whilst excluding coverage for losses from cyber attacks, it confirms that physical theft is still covered; even if a cyber attack was involved in the process.

The endorsement acknowledges and addresses the growing risk of cyber-enabled theft in cargo transport and clarifies that the marine policy still covers theft as a physical act, distinguishing it from pure cyber-related losses. The Clause 4 of the endorsement wording envisages a cyber event being followed by further human intervention, being the physical removal of the goods as part of the wider attack.

In summary, Endorsement JC2025-026 means that:

• Cyber losses remain excluded - consistent with market practice
• Physical theft stays covered, even if cyber was used to gain access
• Clause 4 is key: it confirms that if acyber event enables access, but human intervention is required to physically remove goods, the theft still remains covered

This is a practical solution for a complex risk scenario. It restores the intent of cargo policies: theft is a physical peril, and coverage should reflect that.

Clarity for cargo owners

This Endorsement provides greater clarity and confidence for cargo owners. The revised wording has not been subject to judicial scrutiny, and its practical application will be closely watched by the market. For now, it reflects the industry’s intent to keep theft recoverable under marine cargo policies, even when cyber plays a role.

This new Endorsement means:

• Certainty - reduces disputes over coverage when cyber and physical risks intersect
• Alignment - reflects real-world exposures in a digitised supply chain
• Confidence - ensures theft remains a covered peril under marine cargo policies

‍

Practical steps for cargo owners

1. Check your policy wording - does it include JC2025‑026?
2. Assess your cyber touch points - booking systems,port platforms, GPS tracking
3. Strengthen controls - combine digital security with physical safeguards

‍

As technology evolves exponentially, policy language must keep pace. JC2025-026 is a meaningful step to ensure coverage reflects real-world exposures.

SALT will be introducing clause JC2025-26 to all marine cargo policies, schedules and supporting documents as we consider this a helpful clarification. We will also apply the intent of JC2025-026 retrospectively to any claims arising under existing policies where the circumstances are relevant. Please contact us if you have any questions.