Properly configured DNS secondaries hosted at different ISPs would have completely mitigated the problem for everyone but Dyn. Because Dyn hosts its own secondaries, hitting Dyn downed both primary and secondary servers.
ISPs need a peering pool arrangement for DNS secondaries, where secondaries are distributed over the entire pool.
This is how it was designed to work: multiply connected redundant secondaries.
The worst damage possible in that scenario is the inability to update DNS information hosted at Dyn itself, or to initiate zone transfers in or out of Dyn.
That reduces it from an attack on the DNS infrastructure to an attack on Dyn itself (which is much less important to everyone but Dyn).