CPDoS Attack can Poison CDNs to Deliver Error Pages Instead of Legitimate Sites

Francesco Altomare Southern Europe Regional Manager @ GlobalDots
1 Min read

Two academics from the Technical University of Cologne (TH Koln) have disclosed this week a new type of web attack that can poison content delivery networks (CDNs) into caching and then serving error pages instead of legitimate websites.

Reduce your AWS costs by over 50%

Discover your Cloud Saving Potential – Answer just 5 simple questions. AppsFlyer, Playtika, Lufthansa, IBM, top leading companies are already using our FinOps services.

Reduce your AWS costs 
by over 50%

cpdos
Image Source

The new attack has been named CPDoS (Cache-Poisoned Denial-of-Service), has three variants, and has been deemed practical in the real world (unlike most other web cache attacks).

HOW CPDOS ATTACKS WORK

CPDoS attacks are aimed at two components of the modern web — (1) web servers and (2) content delivery networks.

Web servers store the original website and its content, while CDNs store a cached copy of the website that is only refreshed at certain time intervals.

Despite their simplistic role, CDNs are a crucial part of the modern internet, as they can alleviate the load on web servers. Instead of a web server computing the same user request over and over again, a CDN can provide some of the incoming users with a copy of the website, until the CDN refreshes itself with a new version.

CDNs are widey used. Any attack on a CDN system can have devastating consequences on a website’s availability, and, hence, it’s profitability.

Read more: ZDnet.com

 

Latest Articles

An expert’s analysis: Here’s what we need to build a better IoT

Eduardo Rocha, Senior Solutions Engineer at GlobalDots, contributed a guest post to BuiltIn, the online community for startups and tech companies.  In the article, he outlined his approach for creating an IoT infrastructure that is both durable and secure. Here are some of the main takeaways: Reduce your AWS costs by over 50% Discover your Cloud Saving Potential […]

Dr. Eduardo Rocha Senior Solutions Engineer & Security Analyst @ GlobalDots
28th February, 2023
What is a Content Delivery Network? CDN Explained

With the increasing demand for speedy and efficient content delivery, advanced solutions like the Content Delivery Network (CDN) have emerged. But what does CDN actually mean? Essentially, it’s a network of strategically positioned servers aimed at enhancing the speed and dependability of delivering content to users in different locations. These servers store cached copies of […]

Francesco Altomare Southern Europe Regional Manager @ GlobalDots
4th January, 2023
It’s time to unleash the power of the force!

There’s a galactic misconception that monitoring CDNs has no value and is too expensive to store and index. While that used to be true, it’s now the worst mistake an IT-jedi can make!  GlobalDots, a 20-year CDN expert, teamed with observability innovator Coralogix, to develop a next generation observability platform for monitoring Content Delivery Networks’ […]

GlobalDots
12th December, 2022

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

Unlock Your Cloud Potential