Why Alibaba Cloud Was Suspended Over Unreported Log4j2 Vulnerability
The Chinese Ministry of Industry and Information Technology suspended Alibaba Cloud for six months after the company failed to promptly report a critical Log4j2 vulnerability, highlighting the importance of timely disclosure and compliance with national cybersecurity regulations.
Content originally from 21 Finance (source: https://m.21jingji.com/timestream/html/%7BU9Pjf0FaKEU=%7D).
The Ministry of Industry and Information Technology's Cybersecurity Administration announced that Alibaba Cloud Co., Ltd. is a cooperative unit of the MIIT cybersecurity threat information sharing platform.
Recently, after discovering a serious security vulnerability in the Apache Log4j2 component, Alibaba Cloud failed to promptly report it to the telecommunications regulatory authority, thereby not effectively supporting MIIT's network security threat and vulnerability management.
As a result, the authorities have decided to suspend Alibaba Cloud's status as a cooperative unit for six months.
After the suspension period, the cooperation may be restored depending on Alibaba Cloud's remediation efforts.
Some observers question how a company once praised for its capabilities could be penalized so quickly after uncovering a global “nuclear‑level” vulnerability.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Java High-Performance Architecture
Sharing Java development articles and resources, including SSM architecture and the Spring ecosystem (Spring Boot, Spring Cloud, MyBatis, Dubbo, Docker), Zookeeper, Redis, architecture design, microservices, message queues, Git, etc.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.