Cant read the full research
There appears to be a paywall.
From what I can see it looks like they simply established that TFTP ports might be open and that might alliw an attack.
Realistically though the threat is elsewhere. Id imagine a lot of these TFTP enabled devices can easily be fingerprinted and are likely to be routers / switches / WAPs etc.
Or even more worryingly...phone systems...or indeed phone handsets.
More worrying still is the fact that TFTP is usually off by default on a lot of stuff and only gets enabked when maintenance or firmware updates are required.
Forget the DDoS threat...what about malicious firmware upgrades?
I doubt the majority are actual TFTP servers since most of us only fire up a TFTP server when we need it...right?