Is it possible to get a TLD registrar to set a very short TTL like 5min on your NS record? Then you can switch to a backup DNS hosted on another network fast.
Yes, you can set a short TTL on your NS record, but that would not keep this attack from hijacking your site.
This attack intercepts the clients DNS lookup, so the DNS a browser is talking to is ill-behaved.
No amount of correct setup here will work because the ill-behaved DNS server will just replace your setup with whatever that server wants.
There is no strong defense against this as a website. With an app the solution would be certificate pinning. You could try HPKP but that comes with a host of issues and I think it is being deprecated.
Wait: in example.com say .com registrar sets a 5min TTL on NS record for example.com that resolves to 1.2.3.4. That means that your DNS server is at 1.2.3.4, serving your A and MX records. An attacker BGP hijacks 1.2.3.4. You change NS record in your .com registrar settings to 5.6.7.8 that is not compromised. Notice I am not talking about your A or MX records that you controlled on a compromised IP, but of NS record that a .com registrar controls. So after 5 min the browsers contact a non-compromised nameserver at 5.6.7.8 to get your A records.
I think unless a TLD registrar gets hijacked that mitigates the attack on your own DNS after the NS TTL