Across the US, the UK, and Europe, an evolving criminal threat is reshaping supply chain security.
Cargo theft – once dominated by opportunistic yard break-ins and roadside robberies – has progressed into a technologically sophisticated battleground where organised criminal groups (OCGs) utilise digital deception, synthetic identities, and insider intelligence to conduct attacks.
In response, freight and logistics companies must urgently reassess their exposure and rebuild defences. Effective mitigation now depends on creating layered security ecosystems that span verification, cybersecurity, physical hardening, and strategic planning.
Who is targeting freight and logistics companies?
Overwhelmingly, OCGs are responsible for cargo theft, targeting ‘theft attractive items’, such as clothing, pharmaceuticals, electronics, alcohol, and food, which can be monetised quickly and discreetly to rapidly generate funds.
While the number of reported thefts has actually dropped, the average value per incident has risen sharply. This indicates improved targeting, reconnaissance, and execution by criminals, who are successfully identifying and targeting higher-value consignments.
Methods utilised by OCGs
Modern cargo theft relies less on force and more on deception with modern methods enabling OCGs to operate at distance. Adopting more brazen and complex tactics, criminals are refining their approach to carrying out theft. By imitating legitimate businesses or using forged documentation, criminals can organise fictitious pickups, collect goods, and then disappear before discrepancies are even detected.
According to reports from the BBC (opens a new window), OCGs are purchasing haulage firms on the verge of bankruptcy, registering bogus companies, or using the details of deceased people to help steal goods. And in the US, OCGs are purchasing legitimate motor carrier numbers (MC#) from a selling business with a clean criminal record, continuing to operate to build industry trust, and then progressing to high value consignments to undertake one large theft.
Risks to freight and logistics companies
Loss of income and contractual penalties
Freight and logistics companies may be contractually liable for the full value of stolen goods, particularly where customers demand full recourse rather than capped liability per tonne. Delays, service failures, and lost consignments can also trigger penalties.Reputational damage and client dissatisfaction
Repeated or high‑profile thefts undermine confidence among customers, insurers, and supply‑chain partners. Reputational harm can materially affect renewal of contracts, framework agreements, and preferred contractor status.Increased operational costs
In the wake of thefts, freight and logistics companies may suffer business disruption, fleet and driver downtime, and have to implement reactive operational changes, all of which may incur significant costs and are frequently uninsured.Insurance repercussions
Claims experience directly influences premiums, deductibles, sublimits and, in some cases, insurer appetite. Repeated theft losses can result in materially higher pricing, tightened terms, or even policy non‑renewal.Stricter terms and conditions
Businesses dealing with high value goods, such as electronics and clothing, are demanding more stringent terms with freight and logistics companies. Instead of arbitrary prices per ton, which may leave them with significant losses, companies are now demanding full recourse of goods stolen.
The cyber aspect of cargo theft
Cyber-based attacks and data theft are key features of the more sophisticated methods used by OGCs. To arrange and conduct thefts, criminals will hack dispatch systems, monitor shipment flows, or launch phishing campaigns to acquire credentials and gain access to freight and logistics companies’ IT systems to then harvest information on what, when, and where goods are being shipped. Typically, the IT capabilities and defences of freight and logistics companies are underfunded and simplistic — leaving their systems vulnerable to attack from malicious actors.
Some thieves can orchestrate theft remotely from a separate country, manipulating TMS data or spoofing carrier identities to divert loads without ever visiting a warehouse. Then, once in receipt of fraudulently obtained goods, criminals will continue falsifying GPS and TMS data in order to make it appear the consignment is travelling to the correct destination. However, all the while, the stolen cargo is actually being diverted to another location to be ‘chopped up’ and then further dispersed – often back into legitimate supply chains as ‘grey’ goods.
Subcontracting as a vulnerability multiplier
To meet contractual demands or challenging timelines, some logistics companies will subcontract deliveries to third-parties, with retail and e-commerce supply chains particularly reliant on subcontracting. However, it significantly expands the attack surface if not tightly controlled.
Pressure to meet delivery volumes and timelines can tempt companies to prioritise cost and availability over familiarity and security. Introducing unknown or lightly vetted third‑party carriers creates opportunities for infiltration by criminals posing as legitimate subcontractors.
As a supply chain introduces multiple entities, unknown or inexperienced freight and logistics companies can increase vulnerabilities. Before subcontracting, companies must confirm that it is permitted by both client contracts and insurance policies. Failure to disclose subcontracting arrangements – or to evidence adequate due diligence – can invalidate cover or complicate claims.
Is the insurance market responding?
The insurance market has responded decisively to escalating cargo theft risk. For theft‑attractive commodities, insurers are restricting limits, increasing deductibles, and applying tighter sublimits. Where multiple and repeated thefts occur, aggregate limits can be exhausted rapidly.
Cargo insurance premiums have been trending upward for several years with severity, aggregation, and complexity being the primary drivers for this. Average losses per theft now regularly exceed US$200,000, with some incidents reaching seven‑figure values. This challenges insurers’ ability to diversify risk across portfolios and forces recalibration of pricing and capacity.
To bridge contractual gaps created by reduced primary limits, some freight and logistics companies are turning to excess placements in specialist markets. Effective structuring increasingly requires closer collaboration between insureds, brokers, and underwriters, supported by clear articulation of risk controls.
Claiming under insurance policies can become complicated if thefts have involved the use of a cyber-attack. For insurers, the blurring of physical theft and digital deception complicates policy response. Coverage disputes increasingly arise where cyber elements trigger exclusions or sit ambiguously between cargo, liability, and cyber policies. Ensuring coverage for small‑scale hacking events and digital deception is now a critical placement consideration.
Insurers increasingly expect insureds to re‑examine policy wordings, align them with operational realities, and maintain documented post‑theft response plans covering law‑enforcement liaison, evidence preservation, and recovery efforts.
Furthermore, stakeholders should work with brokers and insurers to give a full picture on safety protocols implemented. This helps to not only ensure that coverage is correctly placed, but also that the most competitive terms are secured.
Bolstering risk mitigation: the rise of layered security
As it becomes clear that no single security measure is sufficient, companies are increasingly embracing multi-layered, intelligence-driven protection to address both physical and digital risks.
We have formulated the following steps cargo and logistics companies can take to protect themselves from incidents of theft:
Reinventing carrier vetting
Enhanced verification, including physical address checks, multi‑factor authentication, and deeper background screening of carriers and personnel, are recommended. It is also advisable to seek carriers who are TAPA or TSR accredited.Hardening cyber defences
Companies should adopt stricter cyber defences. This will include encrypted communications, intrusion detection, access controls, regular patching, and ongoing employee cyber awareness training.Smart routing and journey management
As OCGs view major transport routes fertile ground for coordinated thefts, dynamic route diversification and avoiding predictable patterns that thieves can exploit is crucial. Real‑time GPS monitoring, ideally with tamper‑proof installation is essential, enabling operators to detect unauthorised stops, route deviations, or sudden communication loss. Additionally, for high-value cargo, it is prudent to use hard-sided trailers, as curtain-sided are more vulnerable to physical attack.Physical barriers: locks, seals, and layered protection
High security seals and tamper evident locking systems are widely recommended across the sector. Regular seal inspections are now standard procedure, particularly for high value cargo, such as pharmaceuticals and electronics.Intelligence exchange and cross‑industry collaboration
Cross‑industry intelligence sharing is important to help logistics operators map hotspots, monitor emerging tactics, and coordinate responses to unfolding theft incidents.Building a security‑aware workforce
Drivers, warehouse workers, brokers, and administrative staff are all potential targets for social engineering, coercion, or exploitation. As such, security training has become a cornerstone of theft prevention, covering threat recognition, document verification, cyber hygiene, and post-incident escalation procedures. Furthermore, regular audits and whistle‑blower mechanisms should form part of a holistic human‑risk strategy.Warehousing resilience
Companies should upgrade surveillance systems, tighten access permissions, and implement zoning policies that isolate high value goods. Perimeter security fencing, alarms, and lighting are becoming increasingly perceived as essential risk mitigation.
For further discussion, please contact a member of our Cargo & Logistics (opens a new window) team.
