Japan’s flag carrier announced that it has restored its systems following a cyber incident that delayed some domestic and international flights on Thursday.
Japan Airlines (JAL) stated that a “system malfunction” occurred due to a sudden surge in traffic on its network equipment used for data communication with external systems. Such attacks, known as distributed denial-of-service (DDoS) attacks, disrupt the normal operation of a website or server by overwhelming it with a flood of traffic from multiple sources.
Upon identifying the issue, the carrier said it temporarily shut down the affected system and suspended ticket sales for same-day departures, along with some online services for passengers. According to local media reports, the attack also impacted the system for managing passenger baggage, as well as the company’s mobile app.
JAL has provided few details about the incident and has not attributed it to a specific threat actor. However, the company claimed that no customer information was leaked and that it suffered no damage from computer viruses. There was also no impact on flight safety, according to JAL.
Flights for the next day “are currently scheduled to operate as normal,” the airline said, adding that passengers whose flights were delayed or canceled should contact the company.
According to Japan’s public broadcaster, NHK, more than 40 flights were delayed at various airports across Japan on Thursday. Some of these delays were related to the cyberattack, while others were caused by unrelated issues, such as weather.
The airline industry remains an attractive target for hackers worldwide. Earlier in September, the German state-owned company responsible for the country’s air traffic control, Deutsche Flugsicherung, was hit by a cyberattack that affected its administrative IT infrastructure.
In October, a ransomware gang targeted the operator of 13 airports across Mexico, forcing its IT team to rely on backup systems to maintain operations.
Most of these attacks are financially motivated, but there are exceptions. In January, suspected Iran-backed attackers replaced the plane departure and arrival data on screens with politically motivated anti-Hezbollah messages. The attack briefly disrupted the passenger baggage inspection system but did not impact the flight schedule.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.
