Why Was Alibaba Cloud Suspended for Six Months Over the Log4j2 Flaw?
The Chinese cybersecurity authority has suspended Alibaba Cloud’s partnership for six months after the company discovered a critical Log4j2 vulnerability but failed to promptly report it, highlighting gaps in vulnerability disclosure and threat‑management processes.
Recently, the Ministry of Industry and Information Technology's Cybersecurity Management Bureau announced that Alibaba Cloud Co., Ltd. is a cooperative unit of its cybersecurity threat information sharing platform.
Alibaba Cloud discovered a serious security vulnerability in the Apache Log4j2 component but did not promptly report it to the telecommunications regulatory authority, which impeded the Ministry's ability to manage cybersecurity threats and vulnerabilities.
Consequently, the Ministry has decided to suspend Alibaba Cloud's status as a cooperative unit for six months.
After the suspension period, the Ministry will consider restoring the partnership based on Alibaba Cloud's remediation efforts.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Programmer DD
A tinkering programmer and author of "Spring Cloud Microservices in Action"
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.