Malaysian Prime Minister Anwar Ibrahim has said that he refused to pay a US $10 million ransom demanded by hackers who, according to some reports, paralysed operations at Kuala Lumpur International Airport (KLIA).
Anwar described how he had refused to comply with a ransom demand after a cyber attack on Malaysia Airports Holdings Berhad (MAHB), which operates the country’s airports, in the early hours of Sunday morning.
“When I was informed about this … I did not wait five seconds. I said no,” Anwar said in a speech on Tuesday. “There is no way this country will be safe if its leaders and system allow us to bow to ultimatums by criminals and traitors, be it from inside or outside the country.”
Former Malaysian Member of Parliament Wee Choo Keong claimed that systems at KLIA were “down for more than 10 hours”, and that flight information display boards, check-in counters, and baggage handling services were disrupted.
He posted an image on Twitter of what appeared to be airport staff using whiteboards to list flight details for travellers – suggesting electronic systems were indeed disrupted.
However, other social media users posted images of flight information boards at Kuala Lumpur’s airport that appeared to be working normally – suggesting the true nature of the problem may have been exaggerated.
While acknowledging that a cyber attack against computer systems at the airport had occurred, a joint statement by Malaysia Airports and the country’s National Cyber Security Agency (NACSA) denied that operations at KLIA had been impacted.
Anwar said during a speech that the incident underlines the importance of Malaysia to invest more resources into defending itself against hacking attacks, particularly for critical infrastructure such as airports and financial institutions.
Unfortunately, no detailed information has been released about the security breach. Although the attack bears all the hallmarks of a ransomware attack, at the time of writing no hacking group has claimed responsibility.
If it is true that KLIA had to resort to using whiteboards to communicate with travellers about their fliught times, it won’t be the first time that an airport has been impacted in this way. In 2018, for instance, Bristol Airport in the UK found itself forced to resort to using whiteboards after a cyber attack.
