[viraptor]

If your operation includes communication over internet, bgp hijack is in your threat model (or your threat model is incomplete). I don't understand how "endpoints we care about may become unreachable" is not a big point for everyone. (Unless your business is extremely async and a day of delays is insignificant)

[ozr]

By this logic, I should be concerned about defending against raccoon attacks since they are endemic to my area and I often go outside.

The point is that, in practice, the attacks are so uncommon and mitigated by so many other factors that the cost involved of further mitigation it isn't worth it.

You develop a threat model to specifically get rid of concerns like this; not to list every possible attack vector imaginable.