"The ddos was too small to even register on global attack map yet overwhelmed their configuration."
That's because it didn't happen.
The system failed under load and the work experience lad running it panicked. IBM have admitted as much in their submission (well OK, the panic bit rather than who was in charge). The DDOS story came out because that's what they thought they were dealing with at the time and now they can't take it back without looking like muppets. This is a classic management face-saving situation.