Yes. And paying the ransom isn't necessarily cheaper either.
If a machine has been compromised, the minimum you need to do is re-image it and restore the data from a known-good backup. You might use the decrypted files for those that can't be restored, but are you really going to trust a computer that was infected?
A friend of mine is an administrator at another company and their server was found to be listed on a darknet website. The Verfassungsschutz (Federal Office for the Protection of the Constitution) recommended that they destroy the drives and the motherboard of the server and restore to a new system from a secure, offline backup.