The following articles contain details on securing your WordPress installation on a shared hosting service, specifically Rackspace Cloud Sites. This post will change as more resources are compiled:
On a shared hosting service running suexec, there should be no reason to have global permissions on a php site:
Backup, Backup, Backup! Just 2 of many possible backup scripts.
If the unfortunate does occur, these three links contain information on recovering. Due to the possibility of backdoors being injected within your sites though, the safest option would be to restore from one of your backups. You do keep backups, right?