PETALING JAYA: Airports are part of the critical national infrastructure and procedures must be in place to prevent system disruptions, says Cybersecurity Malaysia’s responsive services division senior vice-president Dr Aswami Fadillah Mohd Ariffin.

“When you deploy any system, you need to understand the risk, then manage it accordingly by having a policy combined with technical safeguards, ” he said, adding an internal investigation was needed to figure out the cause of the problem.

He said the glitch could be due to a number of reasons, from the system configuration not being up to date to pre-existing cybervulnerabilities or upgrading errors.

He warned that even if the disruption was not due to a cyberattack, it put the system in a vulnerable situation which could open it up to an attack.

Cybersecurity company LGMS director Fong Choong Fook said it was difficult to tell whether the disruption was a system update gone haywire or actual malicious activity.

“It’s hard to say. If there’s a ransomware message on the screen, then it’s easier to tell. If it’s just downtime, there could be many factors, ” he added.

Fong, however, noted that such disruptions could also happen without system updates.

“There are a lot of possibilities: poor maintenance, hardware failure, error in patching, software glitches, negligence in operation or, worse, cyberattacks, ” he said.

There are of course fail-safe methods that the airports could use, but that would result in a drop in efficiency, he said.

Fong added that prevention and proactive drills were crucial when large organisations update their systems.

“Information system disruptions are not just statistics; they become business cases and will cost us financially.”