> 1. The backup regime was so slack, the administration was dead in the water without decryption.
If you check the El Reg webinar on this a couple of weeks back, you'll know that the attackers may sit on the network for a couple of years before pulling the trigger. Backups of encrypted files aren't much use without keys and if you rotate your tapes in a shorter period..... oops.
(and of course if you do D-D-T or backup to disk, then your backups are vulnerable to being trashed, as many people have found out over the years)