Bandwidth amplification dos or perhaps SYN flooding?
It's going to come down to the fact that they have the TS IP address, and that's the 1 and only thing they need to pull these attacks off.
I'm not good with TS and have only used it adaptively or as-required over the years, but certainly there must be some way to have an extra layer of security to stop it (or muffle it, which is usually enough to fend off someone who just wanted to make a point.)
My experience with this comes from gameserver administration; we ended up having to suffer it for over a year before switching hosts, and other things, only to find htey were accessing our IP through sourcebans and just hitting F5, most likely. There's literally no other possible way. THis is a totally different dynamic, though.
EDIT: From the enduser side of things, I did a hard reset on my cable modem. Note I don't use wireless of any kind, and it's simply the ethernet cable. It's an Aaris DOCSIS 3.0-compliant modem, no frills, just a step up from what an ISP charges you to rent. To do a hard reset on that, I had to take the battery out, unplug all cables, and actually leave it overnight. THe manual said 30+ minutes, but my particular ISP loves giving me the same address. Since there isn't that kind of time to spare, and since this is at the Teamspeak level from how I understand it, there must be a way to spoof or ghost the address, or pull off a similar task. When I could NOT get a new IP address, btw, (since htese attacks were incessant, any & every time I got on the computer, not just one of our gameservers,) I went to Device Manager or devmgmt.msc ---> located my internet adapter and went to properties ------> under advanced, there's a field for Network Address. ----> you can literally just click the radio button that lets you populate the box. You can put in anything you want, but they say that leading with two zero's makes it less obvoius that it's spoofed. I restart my PC and when it comes back, the spoofed MAC (on the adapter) gives the new IP address. A fellow admin got around this (as he was wireless) by using MAC Address Filtering from his actual router config screen.
We then used a service called Blockscript for our forums and site to mitigate things as much as possible.
I'll help any way that I can, but my limited knowledge and memory of this, sorry to say, is about as good as what I just got done typing above. We also have someoen specifically dedicated to the "IT"-oriented role, so I"m paraphrasing at best. I'll ask, though, and if he's online, I'll try to do some fact-finding about how to mitigate a dos on a TS server.
DoS attacks are so illegal as fck it's shocking to staggering levels how many people still dick around with this after the countless examples made out of ppl who get caught doing it.