Shielding Your Network from Dynamic Content Attacks


Cyber-attacks have become incredibly complex in 2018. Sophistication isn’t the only concern: because there are so many different ways that hackers can wreak havoc, many cybersecurity experts don’t take all necessary precautions. They often neglect to protect their systems against dynamic content attacks because these are less common than other types of attacks.

How are dynamic content attacks orchestrated?
Most dynamic content attacks are launched against content delivery networks. The attacker uses networks of infected nodes, or botnets, to request non-cached content from the target. If enough of these requests are made, the server will be overloaded and crash.

They are typically carried out as DDoS attacks, but they can serve other purposes too. Another common approach is to alter digital signatures, and this can have very serious security implications if those signatures are used for contracts.

This is a particularly serious problem with financial institutions that use digital signatures to verify contracts over a CDN. A study from Dartmouth University highlighted these risks.

How can you protect against dynamic content attacks?
Taking the right precautions is essential. Here are some steps that you can take to protect your CDN from a dynamic content attack.

Use a hybrid protection system - Cyber-attacks can be conducted on multiple fronts. This means that you need multiple layers of security. You should invest in both cloud-based mitigation and on-premise cybersecurity technology. Mitigation technology has a very important benefit as it minimizes caching requests in the event of an attack.

Only choose a CDN with the right firewalls - You don’t want to invest in a CDN with poor security. Some CDNs have highly protective firewalls, while others offer very minimal protection. Amazon Web Services points out that it is best to use a CDN that uses a large distributed network of proxy servers to shield against dynamic content DDoS attacks.

Always do your research before choosing a CDN - You will probably focus mostly on the ancillary benefits the service provides. However, looking at the security features is equally crucial. You need to learn how CDNs work and the features to invest in for maximum protection.

Profile the geographical origins of your attacks
Dynamic content attacks can be launched from anywhere in the world. You need to profile the origins of these attacks to mitigate them. There are a couple of reasons geographical profiling is necessary:

  • You can block traffic from countries where most dynamic content attacks originate. Countries like Russia, Sudan and North Korea account for a large number of these attacks. Modern CDNs allow you to restrict traffic from various countries. Add countries to the blacklist if there is a strong risk that hackers from those regions will launch a dynamic content attack against your network.
  • You can minimize DDoS attacks by making sure that all caching requests are directed to servers closest to the attackers. This has a couple of benefits: first of all, there will be a lower burden on servers if they are receiving caching requests from a hacker closer to them. Secondly, if the attack is conducted in an area where you receive few visitors, then it won’t have a large impact on your content network. The servers where your primary clients reside won’t be overloaded.

All modern CDNs have this capability. However, you need to make sure that it is properly enabled.   
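
One way to do this profiling from your own CDN access logs, as an added example that is not part of the original article: the script below groups requests by country and flags any country whose traffic is almost entirely cache misses on never-repeated URLs, which is the request pattern described above. The four-field log format, the thresholds, the placeholder country codes XA/XB/XC and the sample lines are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample log, assumed format: client_ip country cache_status url
# (XA/XB/XC are placeholder country codes, IPs are documentation ranges).
SAMPLE_LOG = """\
192.0.2.10 XA MISS /search?q=shoes&_=1001
192.0.2.10 XA MISS /search?q=shoes&_=1002
192.0.2.11 XA MISS /search?q=shoes&_=1003
192.0.2.11 XA MISS /search?q=shoes&_=1004
192.0.2.12 XA MISS /search?q=shoes&_=1005
192.0.2.12 XA MISS /search?q=shoes&_=1006
198.51.100.5 XB HIT /index.html
198.51.100.5 XB HIT /static/app.js
198.51.100.6 XB HIT /index.html
198.51.100.6 XB MISS /account/orders
198.51.100.7 XB HIT /static/app.css
198.51.100.7 XB HIT /index.html
203.0.113.9 XC MISS /search?q=hat
203.0.113.9 XC MISS /search?q=coat
"""


def profile_cache_misses(log_text, min_requests=5, miss_ratio=0.8, unique_ratio=0.9):
    """Flag countries whose requests mostly bypass the cache with never-repeated URLs."""
    stats = defaultdict(lambda: {"total": 0, "miss": 0, "urls": set(), "clients": set()})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines instead of guessing at fields
        ip, country, status, url = parts
        entry = stats[country]
        entry["total"] += 1
        entry["clients"].add(ip)
        if status.upper() == "MISS":
            entry["miss"] += 1
            entry["urls"].add(url)

    flagged = {}
    for country, entry in stats.items():
        if entry["total"] < min_requests or entry["miss"] == 0:
            continue  # too little traffic to judge, or fully cached
        misses = entry["miss"] / entry["total"]
        unique = len(entry["urls"]) / entry["miss"]  # ~1.0 when every miss is a new URL
        if misses >= miss_ratio and unique >= unique_ratio:
            flagged[country] = {"requests": entry["total"], "miss_ratio": round(misses, 2),
                                "clients": len(entry["clients"])}
    return flagged


if __name__ == "__main__":
    print(profile_cache_misses(SAMPLE_LOG))
```

Treat a flagged country as a candidate for rate limiting or closer review rather than an automatic block, since the thresholds need tuning against your normal traffic.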
