There are several fairly effective countermeasures vs a standard DDoS attack (yes, I’ve worked on some, no, I’m not going to discuss them). And I mean beyond just IP blocking (which does work OK against VERY basic DDoS attacks, but can also block legit users, esp. if their computers have been zombied unbeknownst to them).
That said, a sophisticated DDoS attack can be a real pain in the @zz to handle. My bet is this will be the former, not the later.
I’ve worked in mission-critical computing for almost 20 years so I have some small familiarity with that of which you speak.
And I thank God daily that I don’t admin Windows systems.
:-)