I know you are just asking a question, but I think there are some misconceptions in your question, and also in comments by others above what ISPs do, and the effectiveness of vpn.
ISPs know, but do not need to know what you are streaming to block streams/sites. If you are in uk and you do not believe me, and if you have no circumventing scheme in place, all you need to do is to enter
http://putlocker.co into your browser and see what you get.
The first way an ISP can block sites, is simply to modify a library entry in their DNS server. When you enter a web address (either as a url or ip address), you are typically asking your ISP to route your request to the target. So all they need to do, is to direct such entries to the page at
http://www.ukispcourtorders.co.uk/ you likely just saw.
Think about it, if you can create a free account here and elsewhere to get, say an iptv sub or free trial in 5 minutes, so can an ISP. All the ISP then needs to do is to include the relevant addresses in the banned list in their library, either at 3pm for 2 hours for certain sites, or forever.
If DNS filtering is the only thing an ISP does, it might be possible to circumvent it by using a public/alternative DNS server, and/or proxies. However DNS block is not all that an ISP or government institution etc. can do. You might already have a browser add-on or software on your device that suffers "DNS leak". Packet sniffing, e.g., can also be deployed, because the same live or movie stream (perhaps without a time-based watermark legitimate providers have introduced in theirs) may be duplicated and sold/distributed by "resellers" - if one such stream can be identified, so can all the streams/sites with duplicates.
However, packet sniffing only works if a stream is not encrypted. Here is where vpn comes in - when you are using vpn, not only would you not be using your ISP's DNS server, data would also be travelling in a secured tunnel between the machine you have vpn on (e.g. your vpn router) and your vpn provider (which has their own infrastructure, and can be in Timbuktu). With vpn, your ISP has zero visibility of your data consumption except quantity because data in the virtual tunnel is encrypted, hopefully with a strong protocol and key, that will take even the nsa significant time to decrypt.
This is why certain governments/ministers are actioning/musing a ban on or "registering" vpn's...
I do not know for sure, but I would take "ddos attacks on servers" being the reason for relevant sites' relevant inaccessibility with a large lump of salt, if only because there are far easier and elegant/legitimate means available. To people who can mount ddos attacks, I suspect the relevant servers mentioned here are nowhere to be seen on their radars.
On the other hand, for folks like Snowden, they might need additional protection, see
http://www.tomshardware.co.uk/edward-snowden-favorite-security-tools,news-51714.html.
Cheers!
