The Ministry of Industry and Information Technology suspended the platform cooperation of Alibaba Cloud Information * * * this time, because Alibaba Cloud did not immediately report it to the Ministry of Industry and Information Technology, but reported it to the Apache Open Source Foundation when he found a major loophole in the open source log component log4j under the Web server Apache. In violation of the regulations of the Ministry of Industry and Information Technology, Alibaba Cloud will be suspended for six months. Upon expiration, it will be decided whether it is necessary to restore the identity of the cooperative unit in Alibaba Cloud according to the rectification situation in Alibaba Cloud. Log4j, as an open source logging tool developed by JAVA, can effectively record the data generated during the running of the program, which is of great significance for analyzing the problems existing in the system or the running state. Log4j is widely used in the world because of its powerful functions. Because it is widely used, once there is a problem, the consequences will be particularly serious.

165438+1On October 24th, Alibaba Cloud discovered a major vulnerability in Log4Shell. This vulnerability can make the device remotely controlled, so that sensitive information can be stolen, and the interruption of the device will cause serious harm to the system. It is a high-risk loophole, and there are even voices that this is the biggest loophole in ten years. However, after discovering this vulnerability, Alibaba Cloud did not submit the information to the information platform of network security threats and vulnerabilities of the Ministry of Industry and Information Technology within 2 days according to the requirements of the Regulations on the Management of Network Product Security Vulnerabilities. Hackers can launch attacks within 72 hours after learning about the vulnerability, but the national security vulnerability sharing platform didn't get the vulnerability until half a month after the incident. Therefore, Alibaba Cloud is not wronged to terminate its cooperation with Alibaba Cloud.

Let's look at the impact of this incident on Alibaba Cloud. The termination of cooperation between CITIC and Alibaba Cloud will definitely affect Alibaba Cloud's development in China, and cooperation with some enterprises, especially state-owned enterprises, will also be suspended. Compared with the economic loss, the loss of reputation will be even greater.

Do you know what is the reason behind the suspension of Alibaba Cloud Information by the Ministry of Industry and Information Technology? Welcome to leave a message for discussion.