SOURCE / INSIGHT
Alarms across internet sector following platforms' system failures
Industry calls for strengthened oversight, regulation as malfunctions trigger concerns on data security
Published: Dec 04, 2023 03:47 PM
A concept photo of cybersecurity Photo: VCG

A concept photo of cybersecurity Photo: VCG


A number of leading Chinese internet platforms, including Didi, Tencent and Alibaba, have reported app crashes or system malfunctions recently, which has triggered public concerns about the reliability of technology as well as cyberspace and data security issues associated with digital platforms that manage huge amounts of user information and other sensitive data.

While the platforms have been scrambling to repair and shore up their systems, industry insiders stressed the importance of leading enterprises taking responsibility to ensure their apps' safe and stable operation. They also called for more efforts, including tightening regulations and enhancing supervision, to prevent abrupt system failures.

On Sunday night, Tencent Video experienced a network malfunction, as some users complained that they could not load content and the VIP users were unable to watch member-exclusive videos, according to media reports. Relevant topics on "Tencent Video malfunction" were hot search items on Weibo on Sunday night. 

In its response, the company acknowledged on Sunday night that it was facing a brief technical issue and was fixing the system. The company also apologized for inconvenience caused by the malfunction. 

Tencent Video resumed operation late Sunday night, according to media reports.

More app breakdowns

The breakdown of Tencent Video was the latest in a series of app crashes since mid-November. 

On November 28, ride-hailing platform Didi resumed normal business operation after a breakdown lasting as long as 12 hours due to a "system malfunction," during which it lost tens of millions of transactions worth more than 400 million yuan ($56.43 million), according to media reports.

A Beijing resident told the Global Times that late on November 27, he found himself unable to hail a ride through Didi. After several attempts, it showed "order failed to send" or simply displayed an exclamation mark. He rushed to catch the last subway instead.

Some Didi users were also charged hefty fees exceeding the normal price. According to a screen capture on Weibo, one passenger was asked to pay 270 yuan for a 7-kilometer ride. 

A senior cyberspace security expert at Beijing-based internet security company 360, who asked not to be identified, told the Global Times on Monday that there were six possible reasons behind the Didi system breakdown: an error in programming or unhandled expectation; a cyberspace attack; ransomware; server failure; third-party service failure; and a distributed denial of service (DDOS) attack. A DDOS attack involves an attempt to overwhelm an online service by flooding it with more requests than it can handle.

"The last three reasons are unlikely. Considering that Didi's platform was paralyzed, it could be caused by 'problems at home.' If it was a ransomware attack, the hackers might have encrypted the platform's underlying data and service code," the expert said. 

Didi later apologized for its system failure, and denied online speculation that it was due to a hacking attack. It was initially determined that the cause of the system failure was a malfunction impacting its system software.

Previously, on November 12, news about the crash of Alibaba Cloud, or Aliyun, surged to the top of Weibo's trending topics, followed by related trends such as "Taobao crashed" and "DingTalk crashed." Alibaba Cloud, Taobao and DingTalk are all business lines and platforms operated by Alibaba. 

"Around 7:20 pm, after emergency handling by engineers, Alibaba's platforms, including Taobao, DingTalk and Aliyun, were fully restored," the company said. 

On December 18, 2022, Alibaba Cloud's Hong Kong service suffered another system failure, causing the suspension of cryptocurrency withdrawals on the OKX exchange, and disabling websites at Macao's monetary authority and various businesses, the South China Morning Post reported on the same day.

After the incident, Alibaba's then-CEO Daniel Zhang Yong sent a harshly worded internal letter, stressing that "stability and safety is the basic responsibility to clients."

Stepped-up measures required

Industry insiders said that as the number of users continues expanding amid China's fast-developing digital economy, certain digital platforms could be hit with stability problems due to the large volume of requests involved. 

"There could be issues in the component [used by a process]. Due to the large quantity of generic components used in Alibaba Cloud, it is very hard to identify the exact problem among an ocean of codes," Wang Peng, an associate researcher at the Beijing Academy of Social Sciences, told the Global Times on Monday. "Any small error in a huge and complicated system could lead to a chain effect and result in system breakdown."

Industry insiders noted that compared with foreign digital platforms, Chinese ones are more capable and experienced in handling "periodic spikes in traffic" as well as potential DDOS attacks.  

In early November, OpenAI reported outrages for ChatGPT and API users, which OpenAI said was a result of "an abnormal traffic pattern" reflective of a "DDOS attack," a Forbes report said.

Chinese government has always put great emphasis on safeguarding cyberspace security. Placing equal emphasis on development and security, China has consolidated its lines of defense so that the internet grows in a secure environment and further boosts cybersecurity, according to a white paper entitled "China's Law-Based Cyberspace Governance in the New Era" released in March.

In terms of how Chinese and foreign platforms deal with system breakdowns, Wang said there are similarities, such as initiating an emergency response plan as well as allocating resources for repair and maintenance.   

"It is of pressing need for Chinese internet companies to put an emphasis on the security management of data centers and cloud platforms. More precautionary measures should be taken to strengthen the protection of key basic information infrastructure, and enterprises should scale up research and development in technologies related to data security and cyberspace security," Wang stressed.

For example, Chinese companies could adopt more cloud computing and big data technologies to improve their data safety and data handling ability. Also, using automated and intelligent tools for real-time monitoring is essential in elevating the reliability and stability of system operations, he said.

Meanwhile, industry insiders also urged regulators and industry associations to carry out their supervision responsibility, to guide industry players to live up to their main responsibilities, improve safeguard measures and strengthen emergency response capacities.