A denial of service attack (DoS attack) or distributed denial of service attack (DDoS attack) is an attempt to make computer or a network resource unavailable to its intended users.
Denial of service attack seek to consume computing or network resources by sending queries to a DNS infrastructure which then responds to a third party's site causing slowing or lack of availability. It is trivial for an attacker to spoof the destination address in packets. This situation is exacerbated by the fact that using DNSSec to sign responses is more resource intensive than issuing unsigned responses and that it would be trivial to fill smaller internet connections with bogus requests to sites which have DNSSec enabled, such as .gov or .mil.