> 1: You do not normally have to use Windows. There are more secure alternatives.
If you've just spent millions on an MRI machine and the software for it is Windows only, you do.
> 2: If you do have to use Windows, do you really have to use FAT or NTFS for your data?
Most ransomware can encrypt data on any mount that your install can write to, so it doesn't matter too much whether you're using FAT/NTFS locally or NFS or Samba to go upstream. Having a journal'd filesystem upstream is only so much help when near every file you've got has been encrypted.
Obviously it'd be nice if there were restrictions in place on who/what could edit or remove existing files, but we don't currently know that that's not the case here. It only takes someone with those permissions and you're back in this position.