A flood attack is the process of sending thousands of transactions to “flood” the mempool, filling new blocks to the maximum size of 1MB, and subsequently delaying other transactions. It is easy to send transactions to yourself repeatedly, but it is made expensive with transaction fees. An attacker will eventually run out of money. Even if an attacker wants to waste money, transactions are further prioritized by the time since the coins were last spent, so attacks spending the same coins repeatedly are less effective.
Large or distributed flood attacks can fill blocks for days on end, possibly campaigning for raising the blocksize limit.