Singapore — Chinese authorities suspend cybersecurity partnership with cloud computing sector
Beyond report delays Global software vulnerabilities It is making noise in governments and businesses around the world, state media reported.
China’s tech ministry said cybersecurity threats and information platforms would stop working with Alibaba Cloud for six months because the company didn’t report it. Defects in Log4j2 The state-owned China Daily reported to relevant authorities on Wednesday in a timely manner, citing unnamed provincial officials. Alibaba declined to comment.
A flaw in the Apache Log4j software, a free code that records computer network and application activity, was released this month and is being exploited by hackers trying to access retail stores, government sites, and more. In the United States, authorities said hundreds of millions of devices were at risk and issued an emergency directive ordering federal agencies to take steps to mitigate the threat by Christmas Eve.
Freely distributed by the non-profit Apache Software Foundation, Log4j has been downloaded millions of times and is the most widely used tool for gathering information across corporate computer networks, websites, and applications. It is one of.
Technology suppliers such as
They say they are deploying patches for flaws,
They say they are monitoring the problem.
According to the China Daily report, Alibaba is part of a national cybersecurity threat database and members need to promptly report information about such defects. The Hangzhou-based company did not report the issue, which quickly hampered the Ministry of Industry and Information Technology’s efforts to effectively address the threat, the report said.
The ministry, also known as MIIT, said it would reassess Alibaba’s corrective actions before resuming its current partnership. MIIT did not respond to fax requests for comments sent after business hours.
MIIT issued a statement on its website about software flaws on Friday, saying it received a Log4j vulnerability report eight days ago and called on cybersecurity experts, including Alibaba Cloud experts, to assess cybersecurity threats. I added. In a statement, the ministry stated that a flaw in Log4j is a high-risk vulnerability that could allow remote control of equipment and theft of sensitive information.
MIIT added that Alibaba Cloud discovered a vulnerability in Log4j and notified the Apache Foundation of its existence.
Alibaba, the first Chinese technology provider to enter cloud computing China’s largest cloud provider According to Canalys researchers, it accounted for 34% of the national market in the second quarter of this year.
In the European Union, member country cybersecurity response teams closely monitor Log4j development. Belgian Ministry of Defense He said he had shut down part of his computer network due to a cyberattack related to the vulnerability.
— Rachel Liang and Zhao Etsumine contributed to this article.
Write to Lizarin Liza.Lin@wsj.com
Copyright © 2021 DowJones & Company, Inc. all rights reserved. 87990cbe856818d5eddac44c7b1cdeb8
China will suspend Alibaba’s cybersecurity cooperation to delay reporting threats, state media said
Source link China will suspend Alibaba’s cybersecurity cooperation to delay reporting threats, state media said
The post China will suspend Alibaba’s cybersecurity cooperation to delay reporting threats, state media said appeared first on Eminetra.