Log all the DOS packets for future forensics. Data-mine the logs for the largest aggregate packet senders. Have your lawyers send them lawsuits for civil damages.
Even if they claim they are innocent or unwitting victims of a server hijack, they, and their service provider should have recognized the massive insecure traffic and mitigated it. Lack of security on high bandwidth servers is no excuse.
Can OAN IT department point incoming traffic to CNN for a while?