Attacks often cannot be filtered ahead of time, or we would already have it filtered. The problem is that some attacks need the data to be looked at closely so that a proper filter can be put in place that does not filter legit traffic, but blocks the attack traffic.
A good example is two different Garrysmod servers at the Dallas location that reported attacks today. Both of them were hit with DRDoS attacks, which we talk about here: viewtopic.php?f=25&t=4960
Filtering an attack like this without blocking traffic from other players requires a very specific and advanced filter, one that cannot be applied to all servers, and one that requires detailed data on the traffic.
Long story short, the reason better protection than what we already have isn't automatically in place is because the situation is far more complicated than that.