If an organization were to be infected with ransomware:
How might Yugabyte have been protected in advance from ransomware?
How is an unprotected Yugabyte implementation vulnerable to ransomware?
How may Yugabyte aid in the recovery from a ransomware infection if a ransom is not paid?
You should take backups on a S3 bucket that keeps versioning and has data retention, meaning an attacker can’t delete data there. You should keep backups in separate places. And you should test your backups.
You should be able to do the same with PITR (point in time recovery) Point-in-time recovery | YugabyteDB Docs