YALE-MSS-9.10: Prevent brute force attacks

Crowdstrike Outage Cybersecurity

Recently, a faulty update from CrowdStrike caused a worldwide technical outage. The outage mostly impacted Windows systems. CrowdStrike confirmed this was a technical issue and not a cybersecurity attack. However, we should be aware of how cybercriminals will use this outage to their advantage.

Standards Group:
YALE-MSS-9: Authentication and Authorization

Low Risk Endpoint Not Required Moderate Risk Endpoint Not Required High Risk Endpoint Upcoming Low Risk Server Not Required Moderate Risk Server Not Required High Risk Server Upcoming Low Risk Mobile Device Not Required Moderate Risk Mobile Device Not Required High Risk Mobile Device Upcoming Low Risk Network Printer Not Required Moderate Risk Network Printer Not Required High Risk Network Printer Upcoming

Details

Details and definitions

Ways to implement this standard include:

locking the account
Implementing a temporary timeout between failed logins

Controls

YALE-MSS-9.10.1: Implement rate limiting or failed authentication lockouts

Crowdstrike Outage Cybersecurity

YALE-MSS-9.10: Prevent brute force attacks

Standards Group:YALE-MSS-9: Authentication and Authorization

Details

Controls

Standards Group:
YALE-MSS-9: Authentication and Authorization