So, if we did put it back up, how could we log onto it and how is it possible for not-very-technical-people to find out if there is spurious or invisible code added to the programs?
You must be somewhat technical, because you had upgraded to 2.5.1, right?
Actually, I'm kind of wondering if you really were running 2.5.1. Certainly many people were running 2.3 when hacked by the people who insert "running WordPress 2.5" into the source code, so you may have thought you were running 2.5.
And how did you back up your site? Did you back up the wp-config file? The wp-content folder? Most importantly, did you make a database backup, too?
You won't be able to put the site back up unless you did at least the last item; you can reconstruct it without the first two, but it will be much harder.
These are the WordPress backup instructions: "Backing Up Your Database."
Did you follow them to back up your database?
If so, here are the WordPress instructions to restore your database: "Restoring Your Database."
You should also read the two links I referenced in the above threads. If they are too technical for you, then I would just recreate the WordPress site from scratch, however you did it the first time.
NOTE: If you use an automatic installer, make sure they are installing the latest version, found here. A lot of automatic installers are behind on versions, leaving you vulnerable.
And frankly, if you can't (and you don't have anybody on your team who can) upgrade WordPress whenever a new version comes out, you probably shouldn't use WordPress. It's free, sure, but that zero price tag comes with the obligation to maintain your site properly. If you can't do it, you need to pay someone to do it for you.