Of course, but you're assuming that such an attack would just have one layer.

A sophisticated attack would play the probabilities by not focusing just on the application layer, but combining it with multiple other layers; in the most simplest form, say, a BGP attack that makes a significant portion of the internet unreachable for you.

It's super expensive and super low success rate against an active operator. Your highest risks are your lightning channel partners that you didn't vet, much higher than any node eclipse attack.