I don't think banning GCE, AWS and MS Azure is an efficient method to
significantly increase the cost of attacks because it is trivial for an attacker to quickly spin up "a large number of disposable machines" at other ISPs as well.
It has other benefits. Those big providers see a huge amount of exit traffic and can potentially do correlation against that.
I disagree on 'huge'. If you worry about i.e. Amazon hosting to much exit bandwidth you have to worry about many other* ASes first, and even then, banning them all completely (exit prob = 0) isn't probably a wise strategy.
*) +-----------+---------------------------------+ | exit_prob | AS_name | +-----------+---------------------------------+ | 9.261 | OVH SAS | | 7.629 | Avira B.V. | | 6.239 | SOFTplus Entwicklungen GmbH | | 5.306 | Hetzner Online AG | | 4.013 | UK2 - Ltd | | 3.563 | LeaseWeb B.V. | | 3.316 | Voxility S.R.L. | | 3.171 | Init7 (Switzerland) Ltd. | | 2.454 | NFOrce Entertainment BV | | 2.232 | CYBERDYNE | | 2.174 | Association TETANEUTRAL.NET | | 2.111 | ALISTAR SECURITY SRL | | 2.018 | 31173 Services AB | | 1.852 | PlusServer AG | | 1.831 | root SA | | 1.713 | ONLINE S.A.S. | | 1.703 | QuadraNet, Inc | | 1.475 | ISPpro Internet KG | | 1.441 | Foreningen for digitala fri- oc | | 1.427 | BlazingFast LLC | | 1.377 | rrbone UG (haftungsbeschraenkt) | | 1.288 | IP-EEND BV | | 1.249 | WEDOS Internet, a.s. | | 1.240 | Abovenet Communications, Inc | | 1.181 | The Calyx Institute | | 1.169 | myLoc managed IT AG | | 1.024 | Digicube sas | | 0.871 | Amazon.com, Inc. | << Amazon | 0.817 | Hurricane Electric, Inc. | | 0.799 | University of Michigan | +-----------+---------------------------------+ onionoo data from 2015-09-01 07:00:00