This fails to surprise me...
OK, so what's the takeaway from this finding? Is it that system-provided encryption is good enough that it is useful for the bad guys, too? Kind of obvious for me.
I don't think that any "anti-ransomware" can ever be effective by controlling if/which encryption functions are used. If you got a process running on your machine that you don't want, you're compromised. Trying to control whether that process uses specific functions/techniques is kind of missing the point. At this point, your best anti-ransomware is probably that offline backup that you made last week.