Backup systems should not be executing the data they are backing up. It would be easy for the ransomware to get the backup system to make a backup of the ransomware. It's much harder for it to then execute itself on the backup machine/wherever that data ends up.
For a ransomware to propagate that way it would have to employ multiple exploits against unknown operating systems, and against computers managed by people who should have some idea about security rather than just the desktop of a random employee. In many cases you'll be backing up to storage provided by a 3rd party who simply don't even offer the capability to run code, or permanently delete data programatically.
For a ransomware to propagate that way it would have to employ multiple exploits against unknown operating systems, and against computers managed by people who should have some idea about security rather than just the desktop of a random employee. In many cases you'll be backing up to storage provided by a 3rd party who simply don't even offer the capability to run code, or permanently delete data programatically.