Report: MAHB denies cyber attack behind KLIA disruptions

Danial Dzulkifly
Travellers queue up to check-in for their flights at the Kuala Lumpur International Airport in Sepang August 24, 2019. ― Pictures by Miera Zulyana

KUALA LUMPUR, Aug 24 — The network failure that took out the computerised systems at both terminals of the Kuala Lumpur International Airport (KLIA) these past three days was not caused by a cyber attack, according to its operator.

New Straits Times today reported Malaysian Airport Holding Berhad (MAHB) saying allegations that hackers were behind the disruptions of its Total Airports Management Systems (TAMS) were “totally untrue”.

The country’s biggest airport operator previously attributed the ongoing glitches that started last Tuesday night to faulty hardware and said it is in the process of replacing the equipment.

The newspaper had earlier cited an anonymous network analyst suggesting the hardware mentioned could be airport’s core switches — said to be devices used to communicate between multiple other data collection systems such as baggage handling systems, wifi and flight information display, among others.

Malaysian Airport personnel distribute refreshments to passengers at the Kuala Lumpur International Airport August 24,2019.

However, the unnamed analyst cast doubt on the switches being the main problem.

“I believe two core switches are brand new, whose lifespan could extend up to 15 years.

“It is not normal if the two new switches fail at the same time as if it was intentional and caused by a cyberattack.

“The failure of these core switches affected the Total Airport Management System network, which is the heart of the two terminals,” the analyst told NST.

The paper also reported Universiti Teknologi Malaysia associate professor Muhammad Zaly Shah Muhammad Hussein saying the airport authorities will have to conduct a full forensic investigation on the exact cause of the disruptions for public peace of mind.

“As long as the forensic report is not complete, I am sure the authorities will not exclude any possible causes, be it sabotage, hacking, equipment malfunction.

“If there is proof of subversive elements, the authorities could get CyberSecurity Malaysia involved in the investigation.

“Though I cannot state opinions on the exact cause at this time, I hope it is just an equipment malfunction, lack of maintenance or human error.

“I hope there is no cyber criminal element involved because that would be quite serious, and it would involve issues with passenger and airline data, and the security of the terminal,” he was quoted saying.

A police officer stands near the display board at the Kuala Lumpur International Airport in Sepang August 24, 2019.

Zaly also urged MAHB to improve its future contingency plans following the recovery of this incident to prevent further disruptions.

This includes having redundant critical operating systems of hardware that could take over if the main systems were ever to be compromised.

“The vendor should be at the facility 24 hours a day, seven days a week and 365 days a year to operate such a mission-critical system together with MAHB.”

This is the first simultaneous network failure of both KLIA terminals since it opened in 1998.