Yes, we think backups are the solution. Backups isn't just the big box of tapes with all the data from last weekend on them; it includes everything that allows data recovery when data is lost. Whether that be snapshots, extra copies, or the big box of tapes.
You're right that having to restore from backup at the level of off-site external media is costly in time and money, but there are some things to keep in mind:
1. We only suggest doing that if you have to, I.E. the backups that are online and easy to restore from don't work. Frequently, more persistent ransomware will have found those and screwed them up. Yes, you can configure them not to be vulnerable to the typical attacks, and that will protect you from the majority of lazy ransomware. If it does, that's great. If it doesn't, fall back to offline media.
2. Restoring media may be an expensive DR option, but that's to be expected. This is disaster recovery; you only do it when there's been a disaster. There are lots of other disasters where you'd have to do the same thing, but having to rebuild from scratch would cost much more. If the cost is too high for the business, it might be worth constructing a cheaper backup system or one that restores more easily.
3. Paying the ransom is a terrible idea. It guarantees that you have the same problem that let the ransomware get in. They might also stay resident in order to hit you again in a few months or maybe just to add your machines to a botnet.
4. Paying the ransom is immoral. It funds criminals when there is another option, and increases the probability that an attack like this will happen again. If you pay the ransom, you are making someone else pay the real cost for you. That's bad.