This isn't as simple as it sounds; they'd need to identify DDoS traffic and reroute, while still allowing "legitimate" users through.
But this may not be the sort of brute-force bandwidth DDoS that this was designed to handle either -- it could be a more targeted attack to existing bottlenecks in GitHub's architecture.
