If you inject the ransomware into a system that is subsequently backed up and wait a significant period of time, you could potentially lock all backups as they are restored. Then people have to decide between paying up or restoring to a time before the ransomware was injected.

I'm not sure if it's feasible to have ransomware lock backups as they're restored, however.