SHAH ALAM - A cyberattack targeting Malaysia Airports Holdings Bhd (MAHB) recently disrupted Kuala Lumpur International Airport (KLIA) systems, prompting a ransom demand of US$10 million from hackers.
While the government refused to comply, conflicting reports have emerged about the extent of the impact, with some sources claiming flights were delayed, despite official statements suggesting otherwise.
Here is what we know so far.
What Happened?
Prime Minister Datuk Seri Anwar Ibrahim first revealed the cyberattack during the 218th Police Day celebration, stating that hackers had breached MAHB’s digital system one or two days prior and demanded a USD $10 million ransom from the government.
"Yesterday, we discussed the cyberattack that seriously impacted MAHB. The discussion focused on how to resolve the matter, including the hackers’ demand for USD $10 million.
"I did not wait five seconds before immediately saying no," Anwar said.
He emphasised that the government would not submit to criminal ultimatums, whether from domestic or foreign actors and called for increased funding to strengthen Malaysia’s cybersecurity infrastructure.
Was KLIA Affected?
Following Anwar’s statement, MAHB and the National Cyber Security Agency (Nacsa) released a joint statement confirming that a cybersecurity threat had been detected on March 23.
However, they claimed that airport operations were unaffected.
"We understand that the operations at KLIA are not impacted and will continue to monitor the situation and support Malaysia Airports,” Nacsa Chief Executive Ir Megat Zulhairy Megat Tajuddin said.
MAHB Managing Director Datuk Mohd Izani Ghani echoed the same message.
"We are working with our airport partners to ensure that flight operations and passenger processing continue to operate normally,” he said.
Despite these reassurances, conflicting reports suggest that the cyberattack did disrupt KLIA’s systems, causing delays and chaos for passengers.
Claims of Flight Delays and System Failures
A highly placed source reportedly revealed that the cyberattack crippled key airport systems for over 10 hours on March 23, leading to significant disruptions.
A local online portal quoted the source that claimed the attack knocked out KLIA's flight information display systems, check-in counters and baggage handling, forcing manual operations.
"Can not say we were not affected. Thousands of people saw that the boards were not working," another aviation industry source reportedly said.
The same source claimed that flight information boards remained down intermittently for two days after the attack, before finally being restored.
This contradicts the official narrative that KLIA operations were unaffected, raising questions about the true extent of the impact.
What is Next?
Anwar has stressed the urgency of bolstering Malaysia’s cybersecurity defences, particularly for critical infrastructure such as airports and financial institutions.
"We are planning to allocate more funds to strengthen Malaysia’s cybersecurity systems," he said, adding that Bank Negara Malaysia (BNM) and the police would also need additional resources to counter future threats.
The identity of the hackers and the exact nature of the breach remain undisclosed, with authorities still investigating the incident.
The MAHB cyberattack has raised serious concerns about Malaysia’s vulnerability to cyber threats. While officials insist that airport operations were not disrupted, passenger reports and sources suggest otherwise.
The incident highlights the need for stronger cybersecurity measures to protect national infrastructure from digital threats.