Chinese regulators have suspended a cyber-security deal between leading Chinese e-commerce company Alibaba Group Holding Ltd (HKG: 9988) and its subsidiary Alibaba Cloud Computing. Going with the media reports, the regulators are accusing Alibaba of failing to promptly report and address cyber-security vulnerabilities.
According to a recent notice by China’s Ministry of Industry and Information Technology (MIIT), Alibaba failed to report vulnerabilities in the popular open-source logging framework Apache Log4j2 to China’s telecommunications regulator.
“This vulnerability may lead to remote control of equipment, which may lead to serious harms such as the theft of sensitive information and interruption of equipment services. It is a high-risk vulnerability,” said the telecommunications regulator.
The notice says that, in response to this matter, MIIT suspended a cooperative partnership with Alibaba Cloud Computing regarding cyber security threats and information sharing platforms. The cooperative partnership will be reassessed and reviewed in six months depending on internal reforms by the company.
In addition, the Chinese government has asked state-owned companies to migrate their data from private operators like Alibaba and Tencent Holding Ltd. (HKG: 0700) to government backed cloud-systems by 2022.