Japan Airlines recently suffered a cyberattack that led to widespread system disruptions and delays in more than 20 domestic flights. The airline first noticed an issue when part of its network connecting internal and external systems failed.

Upon investigation, it was determined that the attack appeared to be similar to a Distributed Denial of Service (DDoS) attack, where massive data transmissions were used to overwhelm the network. DDoS attacks are often employed as a diversion, allowing attackers to deploy malware or ransomware elsewhere on the network, though no such activity was reported in this case.

Japan Airlines confirmed that the cyberattack did not result in malware deployment or data theft. The only damage included delays to 24 flights, each delayed by approximately 30 minutes. Additionally, the airline temporarily suspended ticket sales for both domestic and international flights.

Despite these disruptions, the safety of flights was not impacted. The incident prompted Japan's Ministry of Transport to urge Japan Airlines to restore systems quickly, ensuring affected passengers were accommodated. Other national airlines, such as All Nippon Airways and Skymark, were not affected by the cyberattack.

The attackers behind the incident have yet to claim responsibility, and the exact motives remain unclear. This attack occurred during the busy holiday season, a time when critical infrastructure firms are often targeted due to increased traffic and staff absences. Such attacks are increasingly common during this period, as cybercriminals exploit the situation for ransom demands.

This cyberattack follows a series of high-profile incidents in the aviation industry, including a ransomware attack in January 2024 on AerCap, one of the largest aircraft leasing companies, and another in March on Air Europa, where sensitive data was stolen.

TECHRADAR