Not executable. Text. Readable by humans. Inspectable by humans so you can root out rootkits. Not even the valuable data that cyber criminals go for anyway - they go for personal and financial data, not k8s config files.
Neither of those are relevant. You don't back up virtual machines or image disks - you take afore-mentioned plain-text, audited config files and spin up new instance from scratch.
This is irrelevant snark. If you back up a data file, it doesn't matter that it's stored in the memory of a Von Neumann architecture - it's only going to be used as a data file.
> Separation of code and executables is a nice idea that approximately 0% of organisations fully adhere to.
Citation needed. Also, you just said:
> If the ransomware operators follow best practices
...so are we considering the ideal case, or not?
> I'm really not sure that has a serious answer.
Being snide is bad by itself, but it's even worse when you're wrong on top of it.
https://en.wikipedia.org/wiki/Infrastructure_as_code
https://en.wikipedia.org/wiki/Virtual_machine
https://en.wikipedia.org/wiki/Disk_image
https://en.wikipedia.org/wiki/Shadow_IT
https://en.wikipedia.org/wiki/Von_Neumann_architecture
Separation of code and executables is a nice idea that approximately 0% of organisations fully adhere to.