Modern vessel navigation is becoming more and more dependent upon computers and computer software. This maximizes the danger of the systems being exposed to cyber attacks. In the event that one or more of them were to be compromised, this could lead to a member incurring P&I liabilities such as collision, personal injury, property damage, pollution or wreck removal.
Other than the exclusion regarding paperless trading, there is no express cyber exclusion in the club’s rules. Below you can find a list of cases, the P&I cover may or may not respond to.
Cases that P&I may or may not cover:
- A normal P&I cover will continue to respond to P&I liabilities arising out of a cyber attack, provided that the attack in question does not constitute ‘terrorism’, ‘a hostile act by or against a belligerent power’ or another war risk,
- If the purpose of a cyber attack was to be perpetrated by an individual or group for the purposes of causing general disruption and for no public cause, then this would be very unlikely to be considered as terrorism and a member’s cover will respond in the normal manner,
- In the case of a ‘hostile act by or against a belligerent power’ the club’s board does not have the same discretion to ultimately decide what this means. If a cyber attack were to be executed against a ship by a government or organised rebels in a period of war or civil war, the war risks exclusion in the rules would be activated,
- In the event that a cyber attack does constitute ‘terrorism’, ‘a hostile act by or against a belligerent power’ or another excluded war risk, then the club’s excess P&I War Risks clause may respond but not to the extent that the cyber attack involves the use or operation of a computer virus as a means for inflicting harm.
If you want to read the full report, please click below: