Ransomware was first used in 1989, by Joseph Popp. It was called the AIDS Trojan. The infected user was asked to pay $189 to obtain the decryption key for the locked files. A paltry sum compared to today's outlandish ransom requests.
Everyone is a target. There is no point in paying the ransom, since there is no guarantee that the attacker will provide the decryption key. Once the ransom has been paid, it's possible that the attackers will attempt to reinfect the same system to extort more money from the victim. After all, if it worked the first time it'll probably work the second time with a larger payout.
Preventing a ransom wareattack is not easy. Being prepared comes down to having current and viable back-up of all important data, and using the right tools to filter potential attacks, such as ProofPoint and Webroot.
Once the system has been infected and files locked, the best way to get data back is to restore the backup after the system has been cleared of the malware. Potentially, the system can be reinfected if the backed-up data is infected as well. It's important that data is not backed up once it's been infected.
If that is not possible, attempt to restore infected files by visiting NO MORE RANSOMWARE. International law enforcement organizations are working with IT Security companies to provide decryption tools for many ransomware ciphers.
The site offers resources to help determine which malware is being used, and how to restore data, as well as offering prevention strategies.