China's Ministry of Industry and Information Technology suspends Alibaba Cloud partnership over security lapse

Says it was not informed about a significant vulnerability

China's Ministry of Industry and Information Technology has suspended an information-sharing partnership with Alibaba's cloud division.

The government regulator claimed that Alibaba failed to promptly report and address a cybersecurity vulnerability.

Alibaba Cloud allegedly did not immediately report vulnerabilities in the open-source logging framework Apache Log4j2. It discovered the remote code execution vulnerability and notified the US-based Apache Software Foundation, but the MIIT found out through a third party report.

“This vulnerability may lead to remote control of equipment, which may lead to serious harms such as the theft of sensitive information and interruption of equipment services. It is a high-risk vulnerability," the telecommunications regulator said in a statement.

It has suspended a partnership with Alibaba on cooperating over cybersecurity threats and information-sharing platforms. It will reassess the suspension in six months, if the company makes internal changes.

China's Ministry of Industry and Information Technology suspends Alibaba Cloud partnership over security lapse

More in China

Nvidia plans three AI chips for China after US restrictions

TikTok's future hangs in the balance. So does its Oracle Cloud deal

Alibaba cuts cloud services costs by up to 55%, JD drops prices

Tags

Unlocking data center profitability: A guide to DCIM solutions

The make vs. buy decision for data center infrastructure management software – A clear choice

2023 Data Center Market Trends: Hong Kong Asia's Connectivity Hub

Emerging Energy Storage Technologies

China's Ministry of Industry and Information Technology suspends Alibaba Cloud partnership over security lapse

Get a roundup of the latest regional news across Asia fortnightly

More in China

Tags