Japan Airlines cyberattack disrupts flights, but systems now seem to be back to normal

Japan Airlines cyberattack disrupts flights, but systems now seem to be back to normal


  • Japan Airlines experienced a major network disruption
  • An investigation uncovered cyberattack by an unknown threat actor
  • The attack lasted a few hours and caused delays in some flights

Japan Airlines has confirmed suffering a cyberattack which caused widespread system disruption and delays to more than 20 domestic flights.

The airline first noticed something was amiss when a part of the network that connects internal and external systems went awry. A short investigation determined that a threat actor tried to overwhelm the network by sending enormous data transmissions – similar to a Distributed Denial of Service (DDoS) attack.

These days, DDoS attacks are used as a diversion, while the attackers deploy malware, or even ransomware, elsewhere on the network. Alternatively, the crooks can reach out to the victims, sometimes even via phone, to demand a ransom in exchange for stopping the DDoS.

No malware inolved?

However, Japan Airlines said the attack did not result in the deployment of malware, or data theft. The only damage included the delay of 24 domestic flights for roughly half an hour. The company also suspended the sales of tickets for both domestic and international flights for a few hours. Flight safety was not impacted, it was added.

The AP also reported the country’s ministry of transport urged Japan Airlines to hurry up and restore the systems, accommodating affected passengers, as other national airlines, such as All Nippon Airways, Skymark, or Starflyer, were not affected by the incident.

At press time, no threat actors have assumed responsibility for the attack, so we are yet to learn of the motives. The holidays are the usual time of year when criminals increasingly target critical infrastructure firms. As companies experience an increase in traffic, while at the same time having plenty of staff on annual leave, they are a prime target for ransom demands.

In January 2024, one of the biggest aircraft leasing companies in the world, AerCap, suffered a ransomware attack that resulted in the theft of sensitive corporate data, and in March, Air Europa suffered the same.

Via AP

You might also like

administrator

Related Articles