You should talk to a network engineer before making claims like this. There are mechanisms to curtail DDOS attacks at origin.

For a few reasons (political, economical) there’s little will to enact them, these attacks are so few and far between and you can pay your way out of them in most cases, so the incentives aren’t there for ISPs (whom are a commodity judged primarily on price and bandwidth)