Ransomware isn't just spray and pray
There are actually at least 2 different types of ransomware attacks:
1) The email phishing/fishing hole web site type
This is what most people think ransomware is
2) The manual hack then encrypt
This is what happens with a lot of SMBs
3) The 3rd party vendor attack
Wannacry, notPetya, and more are examples of this
Backups help, but manual hackers will poison the backups first, then encrypt the primary targeted systems. Orgs then have to play the game of: how complex a backup/failover scheme has to be.
Again, don't mistake the mass, low hanging fruit type attacks (Wannacry) with what is to come as the Eldorado of cyber crime will continue to yield treasure (ransomware).