Japan Airlines cyber attack disrupts flights, but systems now appear to be back to normal
- Japan Airlines has suffered a major network disruption
- An investigation revealed a cyberattack by an unknown threat actor
- The attack lasted several hours and caused delays to some flights
Japan Airlines has confirmed it suffered a cyberattack that caused widespread system disruptions and delays to more than 20 domestic flights.
The airline first noticed something was wrong when part of the network connecting internal and external systems went wrong. A brief investigation revealed that a threat actor was attempting to overwhelm the network by sending massive data transmissions, similar to a Distributed Denial of Service (DDoS) attack.
Today, DDoS attacks are used as a distraction, while attackers deploy malware or even ransomware elsewhere on the network. Alternatively, the crooks can contact the victims, sometimes even over the phone, to demand a ransom in exchange for stopping the DDoS.
No malware discovered?
However, Japan Airlines said the attack did not result in the deployment of malware or data theft. The only damage was the delay of 24 domestic flights of about half an hour. The company also suspended ticket sales for both domestic and international flights for a few hours. Flight safety was not affected, it added.
The AP also reported that the country’s Ministry of Transportation urged Japan Airlines to hurry up and restore systems so that affected passengers could be accommodated, as other national carriers, such as All Nippon Airways, Skymark or Starflyer, were not affected by the incident were affected.
At the time of writing, no threat actors have taken responsibility for the attack, so we have yet to learn the motives. The holidays are the usual time of year when criminals increasingly target critical infrastructure companies. As companies experience an increase in traffic while having sufficient staff on annual leave, they are a prime target for ransom demands.
In January 2024, one of the world’s largest aircraft leasing companies, AerCap, was hit by a ransomware attack that resulted in the theft of sensitive company data, and in March Air Europa suffered the same.
Via AP