Anti-virus programs detect many kinds of trojans and malware. Why could ransomware not be detected by anti-virus?
Those points are there because they make sense. While having an up-to-date system and anti-virus software isn't a silvet bullet, it's certainly better than nothing.
Static signatures are increasingly pointless as malware is rebuilt often.
Heuristics don't work against ransomware because they act like a well behaved program. Search for files, open file, overwrite file. All could be done as non-privileged user.
Ransomware is truly scary but the proper advice is:
1. Don't run untrusted software
2. Proper backups (e.g. not just a mirror)
3. Proper permissions on network drives that are mapped. Ransomware is devastating to small offices.
AVs will detect ransomware approximately as easily as any other malware family. Ransomware shares plenty of traits with regular malware.
The problem is that there are so many cheap services out there for malware distributors to automatically "crypt" (pack) their payloads, that the chances of getting a completely fresh sample are pretty high.
AVs are also less effective against ransomware because they have to catch it before it first runs on the system, otherwise there's nothing it can do.
Those points are there because they make sense. While having an up-to-date system and anti-virus software isn't a silvet bullet, it's certainly better than nothing.