Under Admin -> Security -> Site policies, look at the three settings Account lockout threshold, Account lockout observation window, and Account lockout duration. They let you implement tar-pitting.
Not that under Admin -> Security -> IP blocker, you can block specific IP addresses from your Moodle site, which might also help mitigate the problem.