| > https://en.wikipedia.org/wiki/Infrastructure_as_code > "definition files" Not executable. Text. Readable by humans. Inspectable by humans so you can root out rootkits. Not even the valuable data that cyber criminals go for anyway - they go for personal and financial data, not k8s config files. > https://en.wikipedia.org/wiki/Virtual_machine > https://en.wikipedia.org/wiki/Disk_image Neither of those are relevant. You don't back up virtual machines or image disks - you take afore-mentioned plain-text, audited config files and spin up new instance from scratch. > https://en.wikipedia.org/wiki/Shadow_IT If those are actually shadow IT, they won't be in the backups anyway. > https://en.wikipedia.org/wiki/Von_Neumann_architecture This is irrelevant snark. If you back up a data file, it doesn't matter that it's stored in the memory of a Von Neumann architecture - it's only going to be used as a data file. > Separation of code and executables is a nice idea that approximately 0% of organisations fully adhere to. Citation needed. Also, you just said: > If the ransomware operators follow best practices ...so are we considering the ideal case, or not? > I'm really not sure that has a serious answer. Being snide is bad by itself, but it's even worse when you're wrong on top of it. |
> If those are actually shadow IT, they won't be in the backups anyway.
Okay whatever then. I really don't have the energy. I'm just depressed people might believe you.