Yes, Blizzard servers are definitely under attack ATM - hope they arrest the culprits.
I don't understand why the cyber security people at Blizzard can't simply block the IP address(es) that are causing the issue, track their location, and send the authorities to arrest them. If the attackers are from a foreign country, simply block them and report them to their countries authorities. I'm sure its not that simply, but, would love to hear from someone with Cyber Security knowledge that can explain why its not that simple..
Basically unless there's an audit trail somewhere to trace stuff back then it's impossible, however even when there's some sort of trail it's still very hard to trace as this may be spread over several different countries and hundreds of computers.
Although if you can't work out the previous step in the trail then it's pretty much unto the authorities which may or may not be co-operative. For example, reporting a DDoS 3 months after it happens, with an investigation starting in another month - ah I'd say it's nearly impossible.
Even in some situations you may be able to trace it back to something like a router at an ISP, but it might not be logging who performed actions on it. (But you'd expect the ISP to tighten up security a bit).
But yeah, at the end of the day, no matter how qualified you are it still relies on way too many factors and variables for it to be easy and often it's simply impossible.
Its far from that easy to stop a botnet attack, the biggest botnet ddos attack that I recall was about 100,000 internet devices attacking the DNS hosting servers for a day. Most of the IP addresses that would be logged would also be from innocent people that have been infected with a virus on their computers or internet connected device and have become a drone for a botnet controller.