Usually[0] contacting the operator's ISP and informing them of the situation will get said ISP to contact said operator. All that outbound traffic does represent a cost to the ISP, after all. A call from your ISP usually gets a bit more respect than a call from some random person.
In the past what usually happens is the ISP disconnects you until you prove you've fixed whatever it was (sometimes they're nice and block just part of the connection, or give you a warning).
Surprisingly enough, the ISP often has no real way of contacting anyone; the easiest is to cut the connection and wait for a complaint.
Yep. Sad but true. Nobody bothers to keep their contact info up to date with their ISP it seems. Non-critical stuff sometimes can be mailed to a customer's service address, but often disconnecting someone is all an ISP can do to make them aware they have a problem.
It really depends on the ISP. After spending some time trying to get phishing sources taken down and not getting anywhere, I wouldn't be hopeful about DDoS (reflection) sources being taken down either. When I was running servers that were getting DDoSed frequently (but thankfully for short intervals and not with tons of bandwidth), trying to get chargen servers or wordpress servers fixed didn't even seem like an option. Just make sure my servers wouldn't fall over, or at least would fall over gracefully.
[0]- In the US; I don't know about anywhere else