China’s telecommunication regulatory pauses partnership with Alibaba Cloud

China’s telecommunications regulator paused a partnership with Alibaba Cloud after one of the firm’s engineers discovered the Log4shell security flaw.

According to state-backed Chinese media, the suspension is because the firm did not report Log4shell to The Ministry of Industry and Information Technology (MIIT) in time.

The company first alerted the foundation overseeing the flawed code.

Alibaba Cloud is part of the Chinese tech giant, Alibaba Group.

Log4Shell is the name given to a security flaw in the widely used Log4j software the open source software is overseen by the Apache Software Foundation.

Millions of computers running online services use Log4j for logging or recording events, and security experts have described the flaw as one of the worst discovered in the last ten years.

Alibaba found the security flaw and first reported the glitch to the Apache Software Foundation so that they could fix the problem, but according to state-backed Chinese media, Alibaba was suspended because it did not report to MIIT quickly enough.

“The company failed to effectively support the ministry’s efforts to manage cyber-security threats and vulnerabilities”, China Daily reported.

The suspension by the MIIT will be reviewed in six months, according to the 21st Century Business Herald article which broke the story.

The partnership covered a cyber-security threat information-sharing platform.