One of our customers was hit with this last week
I'd expect the initial ransom was $500 in bitcoin - that is the standard message displayed by Cryptowall 3.0 which is a right bastard of a product.
Our antivirus caught it on the PC, so it only screwed the initial user's profile, but it does a basic network traversal using mapped drives, so completely bollixed the NAS shares which the user had full access to.Since it took them a couple of days to alert us that the infection had taken place, the weekly syncs had taken place and overwritten their secondary NAS as well.
(Edit: They only pay for ad hoc assistance, not for realtime monitoring. We set up protection against hardware failure, not across-the-board data corruption. Suprisingly the XP machines running NAV were left alone, only the w7 machines were targeted across the network)
Our customer only had a backup on USB from December, but were happy to work from that as most of their work is online.
However be aware - it will traverse mapped network drives, and that includes synced cloud folders like dropbox. Not every cloud provider supports versioning, especially for SMB users.
The ONLY safe mechanism against this attack is an offline copy of the data, which for small shops I would suggest at least every 3 months. And since they use commercial exploit kits to deliver the payload, it is very hard to completely defend against, even with IT knowledge.
It's a real change in risk profile, from accidental damage or hardware failure to deliberate trashing of the data. It's almost like the early DOS viruses again, which were designed to paralyse what was infected instead of spreading.