How expensive is it to perform a denial of service attack in the real world? More often than not the cost is nearly free. The trick is to exploit the target’s own security concerns:
A flight in America was delayed and almost diverted on Tuesday after a passenger changed the name of their wi-fi device to ‘Samsung Galaxy Note 7’.
An entire flight was screwed up by simply changing the SSID of a device.
Why did this simply trick cause any trouble whatsoever? Because the flight crew was more concerned about enforcing the rules than actual security. There was no evidence of a Galaxy Note 7 being onboard. Since anybody can change their device’s SSID to anything they want the presence of the SSID “Samsung Galaxy Note 7” shouldn’t have been enough to cause any issues. But the flight crew allowed that, at best, flimsy evidence to spur them into a hunt for the device.
This is why performing denial of service attacks in the real world is often very cheap. Staffers, such as flight crew, seldom have any real security training so they tend to overreact. They’re trying to cover their asses (and I don’t mean that as an insult, if they don’t cover their asses they very well could lose their job), which means you have an easy exploit sitting there for you.