Losing all of it, or a weeks worth is better than having an accrued since yesterday backup to reload? Hands on manual work to catch it back up to were it was?
I don’t buy it. If everyone of us has the capability to do this I have trouble thinking that a software company cannot.
But you can get it back usually. The ransom guys generally just encrypt the data, pay they give you the key. And they generally aim for the newest, least likely to be backed up, data first.
In this day of automated everything there’s really no get it back. Somebody hit your website, triggered some software, and the data was made. The only way you know who it was is to look at the data, which has been encrypted.
Actually basically none of us can do this. You need to be a very very good hacker, with some seriously kick butt tools you probably wrote yourself, to de-encrypt data you don’t even know which of the thousand encryption methods that exist used. Best case scenario is the bad guys have used the same thing a lot and good hackers have reverse engineered the keys and figured it out.