Japan Airlines (JAL) has become the latest airline to face the harsh realities of cyber threats, as the company reported early Thursday morning it was subjected to a cyberattack, resulting in widespread delays to both domestic and international flights. The disruptions began around 7:24 AM JST and were largely due to failures within systems linking JAL's internal networks with external platforms, leading to operational challenges for the airline.
By 11:00 AM, at least 24 domestic flights had been delayed by more than 30 minutes, as reported by JAL. The airline confirmed ticket sales for all flights scheduled for Thursday had been suspended, which added to the distress of passengers awaiting updates. “Sales for both domestic and international flights departing today have been suspended. We apologize for any inconvenience caused,” JAL said on its social media platform X.
The airline took swift action to identify and mitigate the issue. By 8:56 AM, JAL had confirmed it isolated the router identified as the source of the disruptions, and they were actively monitoring the recovery of their systems. The Tokyo-based airline also reassured customers on the safety of its flights, stating, “While operations were affected, the safety of its flights remained uncompromised.”
Reports from public broadcaster NHK indicated there were delays at several Japanese airports, with some experiencing hold-ups of up to 50 minutes. Notably, All Nippon Airways, JAL’s chief competitor, stated it had not encountered any cyber incidents during this event, demonstrating the randomness of cyberattacks across the aviation sector.
This incident at JAL reflects the broader vulnerabilities faced by the global aviation industry. A recent survey highlighted significant risks within aviation IT systems. Ganesh Jayaram, American Airlines’ chief digital and IT officer, described cyber threats as “the thing” keeping him awake at night during the Skift Aviation Forum. From automated threats targeting travel systems to account takeover attempts, the dangers have become more prominent. The Imperva 2024 Bad Bot Report revealed the travel sector accounted for over 20% of all monitored attack traffic requests last year.
The aviation sector has grappled with the aftereffects of numerous cyber incidents over recent years. Earlier this month, American Airlines experienced grounding due to technical failures during the peak travel period. JAL's cyberattack, resulting from network vulnerabilities, highlights the precarious nature of airline operations reliant on interconnected systems.
Surveillance and defense measures against cybersecurity threats have become increasingly necessary. Japan Airlines is not alone; similar incidents faced other Japanese firms, including Toyota suppliers and video-sharing platform Niconico, which suspended operations after cyberattacks. This reinforces the urgencies for both increased public awareness and strategic defenses against these digital threats.
Despite the immediate disruptions, JAL is working to restore its operations as quickly as possible. The airline reassured the public of its commitment to passenger safety, emphasizing its determination to recover from the incident without compromising service. “We identified and addressed the cause of the issue. We are checking the system recovery status,” reiterated JAL as it strove to regain normalcy.
The impact of this incident serves as a warning about the vulnerabilities facing the aviation industry amid increasing reliance on technology. With passengers worldwide depending on these services, airlines must prioritize cybersecurity to protect travelers and their operations.
Overall, the cyberattack on JAL exemplifies the persistent threat posed to modern transport systems and highlights the larger issue of security within our increasingly digitized world.
