Malaysia PM says country rejected $10 million ransom demand after airport outages

Computer outages at Malaysia’s Kuala Lumpur International Airport (KLIA) this weekend were attributed to a recent cyberattack, according to the country’s cybersecurity agency and aviation authority. 

Malaysia’s National Cyber Security Agency (NACSA) and Malaysia Airports released a joint statement Tuesday confirming that a cyberattack started causing disruptions on March 23.

“A comprehensive investigation was immediately launched to assess the nature and extent of the incident,” the officials said.

The statement emerged as Malaysian Prime Minister Anwar Ibrahim also confirmed the incident during a speech on Tuesday. 

Ibrahim said the attackers targeted Malaysia Airports Holdings Berhad (MAHB), the company that runs most of the country’s airports, and demanded a $10 million ransom.

“When I was informed about this … I did not wait five seconds. I said no,” he said, according to the South China Morning Post.

“There is no way this country will be safe if its leaders and system allow us to bow to ultimatums by criminals and traitors, be it from inside or outside the country.”

Ibrahim did not say what group is behind the attack and no group has taken credit for the incident. Officials did not respond to requests for comment about whether the incident involved ransomware.

Megat Zuhairy Megat Tajuddin, chief executive of NACSA, said in the statement on Tuesday that they received a report on the incident on March 23 and have been following the situation closely. Tajuddin claimed operations at the Kuala Lumpur airport “are not impacted.”

Senior Malaysia Airport administrators said they are working with other airport partners to “ensure that flight operations and passenger processing continue to operate normally.”

A former lawmaker slammed the government for not being more forthright about the situation, sharing photos from the airport showing workers writing out departure times on a dry erase board. 

“Was it true that the disruption In KLIA 1 & 2 was due to a ‘network equipment failure?’” said Wee Choo Keong, who has become a prominent critic of the government since leaving office. “Systems were down for more than 10 hours, affecting flight information displays, check-in counters, and baggage handling. This led to manual operations (e.g., whiteboards for communication). What a primitive ways [sic] in communications at an international airport?”

Over the last six months, ransomware gangs have damaged systems used at international airports in Seattle, Japan and Mexico.