Japan Airlines (JAL) faced a major operational disruption on December 26, 2024, as a result of a cyberattack that targeted its systems. The cyberattack had a significant impact on both domestic and international flights, leading to delays and prompting JAL to temporarily suspend ticket sales for same-day departures. Despite the inconvenience caused to travelers, JAL assured the public that flight safety remained uncompromised.
The cyberattack on Japan Airlines commenced at 7:24 AM JST on December 26 when abnormalities were detected in the network equipment connecting internal systems to external networks. This issue resulted in a malfunction in the communication systems, disrupting the interaction between JAL’s internal systems and external platforms. In response, JAL took immediate action within 90 minutes by shutting down the affected router device to prevent further damage. Nevertheless, the operational impact of the cyberattack persisted throughout the day, with more than 40 flights experiencing delays at various airports in Japan.
The disruptions led to the temporary suspension of standby services for domestic flights, although no international flights were canceled. By noon on Thursday, over 40 flights had been delayed across Japanese airports, affecting approximately 28% of JAL’s scheduled flights. While some delays were directly attributed to the cyberattack, others were due to unrelated issues.
In an effort to address the cyberattack, JAL swiftly initiated an investigation to determine its origins and identify the responsible parties. The airline’s cybersecurity team promptly took action to investigate the cause of the disruption and implement corrective measures. Despite no immediate claims of responsibility, JAL’s management prioritized resolving technical issues and enhancing defense mechanisms to mitigate the risk of future incidents.
Concurrently, JAL acknowledged the inconvenience caused to passengers and their families, expressing condolences for the lives lost in a recent tragic incident involving Japan Airlines Flight 516. The airline reaffirmed its commitment to maintaining high safety standards and operational security.
Although the cyberattack disrupted JAL’s operations, the airline reiterated that flight safety remained unaffected and gradually resumed sales for both domestic and international flights later in the day. The incident serves as a reminder of the ongoing threat posed by cyberattacks in industries heavily reliant on digital communication systems. Airlines like JAL must continue to invest in cybersecurity to safeguard their critical systems and protect against potential disruptions in the future.