The recent ransomware attack on Malaysia Airports Holdings Bhd (MAHB) has sparked significant concerns among cybersecurity experts about the resilience of the country’s critical infrastructure against such threats. According to Associate Professor Dr Muhamad Khairulnizam Zaini of Universiti Teknologi MARA, although initial reports indicate that MAHB managed to contain the attack, it serves as a crucial alert for critical sectors to bolster their cybersecurity measures against increasingly sophisticated and evolving threats.
“This attack proves that the country’s critical infrastructure is a prime target for cybercriminals. While MAHB was able to contain the situation, cyber threats remain a constant risk, capable of striking at any time and targeting any organisation,” he told Bernama. Recently, Prime Minister Datuk Seri Anwar Ibrahim disclosed that MAHB’s digital system was hacked, with attackers demanding a ransom of US$10 million (RM44.39 million).
Media reports state that the cyber attack caused over ten hours of disruption at Kuala Lumpur International Airport (KLIA) on 23rd March. The incident rendered the airport’s flight information display system, check-in counters, and baggage handling inoperative, forcing staff to revert to manual operations. Dr Muhamad Khairulnizam emphasised the imperative of deterring such attacks as they could have severe financial, operational, and reputational repercussions for critical infrastructure like airports.
Pointing out potential disruptions to flight schedules and ticketing systems, he noted the significant security risks if passenger data is compromised due to heavy reliance on digital systems. He recommended investing in advanced technologies such as artificial intelligence and real-time threat detection, while also stressing the importance of regular security audits and employee cyber security awareness. He mentioned that human error often leads to vulnerabilities, calling for ongoing education and awareness to avert attacks.
Dr Norulbaiti Mohd Nor, Dean of the Faculty of Hospitality and Management at the University College of Aviation Malaysia, urged the aviation industry to adopt a proactive stance to thwart cybersecurity threats, focusing on processes and technology. She highlighted the need for continuous upgrades in governance protocols and the implementation of resilient IT infrastructure like blockchain to enhance security.
Norulbaiti noted that prominent airlines like Emirates have begun using blockchain technology, whereas Singapore Airlines has yet to fully integrate it across all operations due to technical complexities and regulatory considerations. “The cyber attack on KLIA has affected operational processes and will impact the public. Frequent attacks could undermine public perception and trust in aviation security,” she emphasised.
Comparing the invisible threat to pandemics, Norulbaiti underscored the necessity of regulatory enhancements, particularly in data protection and cybersecurity laws in aviation. She called on the authorities to proactively strengthen cybersecurity measures, highlighting that cyber attacks present emerging threats distinct from traditional concerns like terrorism. “Without timely action, such incidents may continue to occur, potentially disrupting critical infrastructure and undermining public trust,” she warned.
Meanwhile, Datuk Captain Norazman Mahmud, CEO of the Civil Aviation Authority of Malaysia (CAAM), stated that CAAM is closely collaborating with MAHB, aiding their Business Continuity Plan (BCP), including aircraft gate allocation. “We work closely to ensure no future attacks, and our systems architecture is robust and secure to defend against future cyber attacks,” he assured.
