Airports are part of the critical national infrastructure and procedures must be in place to prevent system disruptions, says Cybersecurity Malaysia’s responsive services division senior vice-president Dr Aswami Fadillah Mohd Ariffin.
In an unforeseen first-ever disruption of its airport management system, the operations of Kuala Lumpur International Airport (KLIA) came to a halt for hours, with scores of flights delayed and passengers left stranded and frustrated.
The flights were scheduled to take off for destinations in Japan, Australia, Singapore, China, Hong Kong, Indonesia, Bangladesh, India, Myanmar, Britain and Dubai as well as domestically, Penang, and Kuching and Sibu in Sarawak.
The disruption to the Total Airport Management System (TAMS) at both terminals in KLIA affected flight display information and slowed down the check-in process among others.
It was the first such widespread system glitch to hit KLIA since its inception in June 1998.
“When you deploy any system, you need to understand the risk, then manage it accordingly by having a policy combined with technical safeguards, ” he said, adding an internal investigation was needed to figure out the cause of the problem.
He said the glitch could be due to a number of reasons, from the system configuration not being up to date to pre-existing cybervulnerabilities or upgrading errors.
He warned that even if the disruption was not due to a cyberattack, it put the system in a vulnerable situation which could open it up to an attack.
Cybersecurity company LGMS director Fong Choong Fook said it was difficult to tell whether the disruption was a system update gone haywire or actual malicious activity.
“It’s hard to say. If there’s a ransomware message on the screen, then it’s easier to tell. If it’s just downtime, there could be many factors, ” he added.
Fong, however, noted that such disruptions could also happen without system updates.
“There are a lot of possibilities: poor maintenance, hardware failure, error in patching, software glitches, negligence in operation or, worse, cyberattacks, ” he said.
There are of course fail-safe methods that the airports could use, but that would result in a drop in efficiency, he said.
Fong added that prevention and proactive drills were crucial when large organisations update their systems.
“Information system disruptions are not just statistics; they become business cases and will cost us financially.”
Read more at https://www.thestar.com.my/news/nation/2019/08/23/safeguards-needed-to-prevent-glitches-say-experts#Trb7301IQcCSS3MF.99