Japan Airlines Hit by Cyberattack

Facts

• Japan Airlines (JAL) experienced a cyberattack on Thursday morning that began at 7:24 am local time, causing system malfunctions in its internal and external systems.^[1][2][3]
• The airline identified the disruption as a distributed denial-of-service attempt — an attack that overwhelms network systems or servers with massive data transmissions.^[4][5][6]
• The disruption resulted in delays to 24 domestic flights for more than 30 minutes, though no virus infections or customer data leaks were reported.^[3][5][7]
• JAL temporarily isolated the problematic router at 8:56 am, successfully restored its systems, and resumed ticket sales.^[1][4][8]
• Other major Japanese airlines, including All Nippon Airways (ANA), Skymark, and Starflyer, reported no disruptions to their operations.^[3][7]
• The incident adds to recent cyberattacks on Japan's infrastructure, including its space agency, JAXA, and the Nagoya Port in 2023.^[1][7]

Sources: ^[1]Le Monde, ^[2]Voice of America, ^[3]EuroNews, ^[4]The Straits Times, ^[5]Associated Press, ^[6]JAL, ^[7]SecurityWeek and ^[8]DW.

Narratives

• Narrative A, as provided by SecurityWeek and The Diplomat. This cyberattack demonstrates significant vulnerabilities in Japan's critical infrastructure security, particularly as the country strengthens its defense partnerships with allies who maintain stricter cybersecurity protocols, suggesting an urgent need for enhanced protection measures.
• Narrative B, as provided by ORF Online and Voice of America. The swift identification and resolution of this attack, with no compromise to flight safety or customer data, shows that JAL's existing security systems and response protocols were effective in minimizing potential damage and maintaining operational integrity. While there is still progress to be made, Japan has made significant strides in bolstering its cyber defenses.