China's internet regulator, the Ministry of Industry and Information Technology (MIIT), has temporarily suspended a partnership with Alibaba Cloud, the cloud computing subsidiary of e-commerce giant Alibaba Group, for six months.
According to China Daily, the suspension came after Alibaba Cloud failed to report a major security loophole to MIIT in time, and the company failed to effectively support the ministry's efforts to manage cybersecurity threats and vulnerabilities, sources said.
"Alibaba Cloud did not immediately report vulnerabilities in the popular, open-source logging framework Apache Log4j2 to China's telecommunications regulator, " said the 21st Century Business Herald, citing a recent notice by the MIIT.
Alibaba Cloud recently discovered a remote code execution vulnerability in the Apache Log4j2 component, notifying the U.S.-based Apache Software Foundation, according to the statement. MIIT said it then received a report from a third party about the issue, rather than from Alibaba Cloud.
Once the suspension period expires, the ministry will study whether to resume Alibaba Cloud's identity as a cooperative partner based on the company's efforts to rectify its operations, the report said.
A Reuters report said that this measure highlights Beijing's desire to strengthen control over key online infrastructure and data in the name of national security. The Chinese government has asked state-owned companies to migrate their data from private operators such as Alibaba and Tencent to a state-backed cloud system by next year.