What type of security incident does a salami attack best illustrate?

A salami attack is best illustrated by incremental theft, which refers to stealing small amounts of data or money over time, often in a way that goes unnoticed. The concept derives its name from slicing off thin pieces (similar to how a salami is sliced) to gather a larger total without attracting attention.

This type of attack often exploits weaknesses in systems where minor thefts do not trigger alarms or controls, making it difficult to detect until a significant amount has been stolen. For example, a criminal could manipulate a company's accounting systems to withdraw tiny amounts of money from many accounts, ultimately accumulating a large sum without alerting security.

In contrast, a data breach typically involves unauthorized access to a broad set of information, malware infections are focused on malicious software that disrupts operations or steals data, and unauthorized access attempts are generally characterized by individuals trying to gain access to systems or data without permission. These scenarios do not capture the essence of the slow and subtle approach represented through a salami attack.