Well, the difference is that in the physical world there would be... well, physical obstruction. In the digital world they wouldn't be actually physically harming or preventing people from doing stuff, which is why I think it should be civil, not criminal.
When you bring a site down completely, you absolutely prevent people from doing stuff. You prevent them from accessing the website, which in many cases is the same thing as the store. So I actually don't agree. They are not physically harming people, agree 100% there. But they are definitely preventing people from doing stuff.
The potential "physical damage" to the servers themselves is a little more dubious to me, although it could potentially be costly. But more important is the notion of blocking business.
What I really mean is that I'm not sure that launching a DoS attack against, say, some blog or whitehouse.gov is the same thing as launching one at, say, amazon.com or something.
Obviously there are ways to sniff out DoS attacks and prevent them, just like there are ways in the physical world (hiring security guards or something) to do it, but failure to protect yourself does not necessarily mean you are complicit as a victim of an attack.
It is definitely an interesting approach though.
