On March 23, 2025, Kuala Lumpur International Airport (KLIA) experienced a significant cyberattack that disrupted its critical digital infrastructure. Hackers demanded a ransom of US$10 million, prompting immediate action from Malaysian authorities.
Prime Minister Anwar Ibrahim addressed the incident during the 218th Police Day Celebrations, describing it as a heavy cyberattack. He emphasized the government’s firm stance against yielding to such demands, stating, There is no way this country will be safe if its leaders and system allow us to bow to ultimatums by criminals and traitors, be it from inside or outside the country.
The attack specifically targeted the digital systems of Malaysia Airports Holdings Berhad (MAHB), the operator of the nation’s airports. Former Member of Parliament Wee Choo Keong reported that KLIA’s systems were down for over 10 hours, forcing staff to revert to manual operations. Social media posts depicted airport personnel using whiteboards to display flight information, highlighting the extent of the disruption.
This incident bears the characteristics of a ransomware attack, where malicious software encrypts system files, rendering them inaccessible until a ransom is paid. As of March 26, no hacking group has claimed responsibility for the breach.
In response, MAHB and the National Cyber Security Agency (NACSA) initiated a comprehensive investigation to assess the breach’s nature and scope. The Civil Aviation Authority of Malaysia (CAAM) was also notified. NACSA’s Chief Executive, Dr. Megat Zulhairy Megat Tajuddin, is actively monitoring the situation, while MAHB’s Managing Director, Datuk Mohd Izani Ghani, has implemented emergency protocols to maintain operational continuity. He assured stakeholders that technical and operational teams are diligently working to safeguard infrastructure and ensure an uninterrupted passenger experience.
Despite conflicting reports regarding the operational impact, cybersecurity experts suggest that the attackers likely exploited network vulnerabilities to compromise essential airport systems, including flight information displays, check-in terminals, and baggage handling processes.
This event has intensified calls for enhanced cybersecurity measures across Malaysia’s critical infrastructure. Recommendations include bolstering endpoint protection, implementing network segmentation, and adopting a zero-trust architecture. Prime Minister Anwar underscored the necessity for increased budget allocations to strengthen the nation’s cyber defenses, particularly for essential services.
