According to a NYT article today, ransomware is a Russian growth industry that has branched out from hitting large institutions in many directions. One of which is to sell the tools and phishing content for any dufus to break into a typical small biz network. The ransomware groups provide full service: tools to break in, tech support, ransom negotiation services, crypto currency handling.
I haven't heard of any small biz around here getting hit. Yet.