Gets block headers in a loop, that's all. It doesn't look like an attack to me.

I'm not sure the author of this "exploit" realises that most of the time a lot of nodes are syncing and someone provides this copy of the chain somewhere. It's possible to regulate all of this with settings, the trickle rate, disabling relay of blocks and/or transactions.

An active firewall could be designed that does a tall-poppy trimming on the EMA of connections to and from a given process, throttling the outliers down until they are below the 2SD.

This is not a problem unique to Bitcoin, many p2p networks there can be this kind of attack, that's why we have Cloudflare, and Amazon, even centralised networks have to handle this type of resource exhaustion attack. It impacts concurrent use of the resources so it affects everyone.