Techniques for mitigating timing attacks via dynamically scaled time dilation are provided. According to one set of embodiments, a computer system can enable time dilation with respect to a program, where the time dilation causes the program to observe a dilated view of time relative to real time. Then, while the time dilation is enabled, the computer system can track a count of application programming interface (API) calls or callbacks made by a program within each of a series of time buckets and, based on counts tracked for a range of recent time buckets, scale up or scale down a degree of the time dilation.