PETALING JAYA: Airports are part of the critical national infrastructure and procedures must be in place to prevent system disruptions, says Cybersecurity Malaysia’s responsive services division senior vice-president Dr Aswami Fadillah Mohd Ariffin.
“When you deploy any system, you need to understand the risk, then manage it accordingly by having a policy combined with technical safeguards, ” he said, adding an internal investigation was needed to figure out the cause of the problem.
He said the glitch could be due to a number of reasons, from the system configuration not being up to date to pre-existing cybervulnerabilities or upgrading errors.
He warned that even if the disruption was not due to a cyberattack, it put the system in a vulnerable situation which could open it up to an attack.
Cybersecurity company LGMS director Fong Choong Fook said it was difficult to tell whether the disruption was a system update gone haywire or actual malicious activity.
“It’s hard to say. If there’s a ransomware message on the screen, then it’s easier to tell. If it’s just downtime, there could be many factors, ” he added.
Fong, however, noted that such disruptions could also happen without system updates.
“There are a lot of possibilities: poor maintenance, hardware failure, error in patching, software glitches, negligence in operation or, worse, cyberattacks, ” he said.
There are of course fail-safe methods that the airports could use, but that would result in a drop in efficiency, he said.
Fong added that prevention and proactive drills were crucial when large organisations update their systems.
“Information system disruptions are not just statistics; they become business cases and will cost us financially.”