And how would an offline backup help you? Ransomware does not manifest itself right away. Usually it takes days, weeks, even months to spread. Most probably one would end up with multiple backups of already infected systems. The only difference is that your online backup system may end up borked while the offline one will happily provide you with an infected copy from couple of days ago. You would not want to restore a copy from an year ago, right? The data will be irrelevant.
I wish I knew a better way, but I do not. The only thing I know is the way we do things in IT does not work anymore, but we keep on doing the same old thing hoping for a better outcome.
What was that definition for insanity :)