Which attack vector is characterized by a breach of weak user credentials?

The attack vector characterized by a breach of weak user credentials is social engineering. This method typically involves manipulating individuals into divulging confidential or personal information that can be used for fraudulent purposes. Attackers often exploit psychological tactics to deceive victims into revealing sensitive credentials, such as passwords or usernames.

In the context of weak user credentials, social engineering can take various forms, such as phishing, where attackers masquerade as trustworthy entities to trick users into providing their login information. This focus on human psychology and the exploitation of weaknesses in personal decision-making highlight why social engineering is strongly associated with the breach of weak user credentials.

Other options, while relevant to cybersecurity, address different methods of attack. Ransomware typically involves malicious software designed to block access to files or systems until a ransom is paid, and does not primarily focus on user credential weaknesses. DDoS attacks aim to disrupt services by overwhelming targets with a flood of traffic rather than exploiting credentials. Session hijacking involves taking control of a user’s session after they have logged in but doesn’t inherently rely on weak user credentials as an initial point of entry.