Japan Airlines (JAL) faced major delays on Thursday following a cyberattack that disrupted its domestic and international flights. The airline, ranked as Japan’s second-largest carrier after All Nippon Airways (ANA), announced that it had identified and resolved the issue, ensuring no compromise to flight safety.
Delays and Operational Impact
The cyberattack disrupted JAL’s systems early Thursday morning, resulting in delays for 24 domestic flights, each delayed by over 30 minutes. Passengers at several airports across Japan faced inconveniences due to problems with the airline’s baggage check-in system. However, no widespread disruption was reported.
JAL temporarily suspended ticket sales for flights departing the same day, issuing an apology via the social media platform X: “We identified and addressed the cause of the issue. We are checking the system recovery status. Sales for both domestic and international flights departing today have been suspended. We apologise for any inconvenience caused.”
Nature of the Cyberattack
A JAL spokesperson confirmed that the incident was a cyberattack. Japanese media speculated that it could have been a Distributed Denial of Service (DDoS) attack, a tactic commonly used to overwhelm and disrupt servers or websites. JAL’s network disruption began at 7:24 AM on Thursday (2224 GMT Wednesday). By 8:56 AM, the airline isolated the router responsible for the issue, stabilizing its systems shortly after.
Broader Context of Cyberattacks in Japan
JAL’s experience is not isolated. In recent years, Japanese entities have increasingly been targeted by cyberattacks:
- 2023: Japan’s space agency, JAXA, was targeted, though no sensitive data was compromised.
- 2023: A ransomware attack by the Russia-based Lockbit group disrupted operations at one of Japan’s busiest ports.
- 2022: A cyberattack targeting a Toyota supplier led the automaker to pause operations at its domestic factories temporarily.
- 2024: The video-sharing website Niconico faced a large-scale cyberattack in June.
These incidents highlight a growing need for enhanced cybersecurity measures across Japanese industries.
Separate Incident: January 2024 Collision Report
On the same day JAL reported the cyberattack, a transport ministry committee released an interim report on a fatal January 2024 collision involving a JAL passenger jet. The incident occurred at Tokyo’s Haneda Airport when a coast guard plane collided with a JAL Airbus during a mission to deliver relief supplies to a quake-affected region.
The collision resulted in the death of five coast guard crew members, while all 379 passengers and crew aboard the JAL Airbus escaped before the aircraft was engulfed in flames. The report cited human error as the primary cause, with miscommunication between the smaller plane’s pilot and air traffic control being a key factor. A delayed departure and oversight by the traffic controller also contributed to the tragedy.
Market Reaction
JAL’s stock price dipped by 2.5% in morning trading following news of the cyberattack but recovered slightly later in the day. The incident underscores the vulnerability of even major corporations to cyber threats and the importance of robust incident response protocols.
Moving Forward
Japan Airlines has reiterated its commitment to ensuring the safety and security of its operations. As cybersecurity threats continue to evolve, the airline and other Japanese organizations face increasing pressure to bolster their defenses and prevent future incidents.
