It's not a DDoS. DDoS is designed to knock your site offline. This is just a bot login attack.
I don't have email alerts turned on for failed logins due to how frequently this happens. Instead of a username like "admin" I have usernames like "admin325" that aren't easily found. I periodically scan the Blocked IPs to see what usernames the bots are trying. I also have the Failed Login lockout set for 30 days.