Backups can be defended against ransomware attacks by moving them offsite from primary systems, removing file-system access to the backups, and avoiding using Windows as a backup platform
"Ransomware is becoming the number one threat to data, which makes it essential to ensure that bad actors don't encrypt your backup data along with your primary data when they execute ransomware attacks. If they succeed at that, you will have no choice but to pay the ransom, and that will encourage them to try it again.
The key to not having to pay ransom is having the backups to restore systems that ransomware has encrypted. And the key to protecting those backups from ransomware is to put as many barriers as you can between production systems and backup systems..."