"It re-enforce the significance of getting Identity and Access Management right, as it was only a matter of time before an attack happened on this large of a scale to take advantage of those organizations who haven't taken this critical step".
The head of the European Union police agency said on Sunday the cyber assault hit 200,000 victims in at least 150 countries and that number would grow when people return to work on Monday.
"IT managers need to be extremely aware that new variants of this ransomware attack are being launched nearly hourly, so they can't just check that their computer systems are protected, then relax, assuming everything will stay that way", he said.
"At the moment, we're in the face of an escalating threat", Wainwright said.
Security experts said that they were not sure how many victims would pay the ransoms, or if access to computers was being restored after such payments. The company's free antivirus software Windows Defender, along with other third-party security products from those including Kaspersky Lab and Avast, will also detect and remove the threat. Experts suggested Saturday that the ransomware's progress had been halted, but new attacks could soon follow. At the height of the attack Friday and early Saturday, 48 organizations in the NHS were affected, and hospitals in London, North West England and Central England urged people with non-emergency conditions to stay away as technicians tried to stop the spread of the malicious software.
A spokesperson for the Russian Health Ministry, Nikita Odintsov, said on Twitter that the cyber attacks on his ministry were "effectively repelled".
The attacks exploited the computers because they were running outdated versions of Microsoft's Windows operating system. But many companies and individuals haven't installed the fixes yet or are using older versions of Windows that Microsoft no longer supports and didn't fix.
The hackers, who have not come forward to claim responsibility or otherwise been identified, likely made it a "worm", or self spreading malware, by exploiting a piece of NSA code known as "Eternal Blue" that was released last month by a group known as the Shadow Brokers, researchers with several private cyber security firms said. "We are lucky that this logic bug is still present", Suiche said.
Spain, meanwhile, said several Spanish companies had been targeted in ransomware cyberattack that affected the Windows operating system of employees' computers. But computers and networks that haven't updated their systems are at risk.
Hospitals are also fertile ground for identity thieves due to their often-lax security policies.
May says there is no evidence that patient data has been compromised.
In the US, FedEx Corp reported that its Windows computers were "experiencing interference" from malware, but wouldn't say if it had been hit by ransomware.
In Germany, rail operator Deutsche Bahn faced "technical disruptions" on electronic displays at train stations, but travel was unaffected, the company said in a statement on its website.
On Friday, Russia's interior and emergencies ministries, as well as the country's biggest bank, Sberbank SBER.MM , said they were targeted.
Indonesia's government reported two hospitals in Jakarta were affected. This one worked because of a "perfect storm" of conditions, including a known and highly risky security hole in Microsoft Windows, tardy users who didn't apply Microsoft's March software fix, and malware created to spread quickly once inside university, business or government networks. Playing with fire finally caught up with the victims.
Had it not been for a young cybersecurity researcher's accidental discovery of a so-called "kill switch", the malicious software likely would have spread much farther and faster that it did Friday.
"It's quite an easy change to make, to bypass the way we stopped it", MalwareTech, who uses an alias, told the Associated Press. "So long as the domain isn't revoked, this particular strain will no longer cause harm, but patch your systems ASAP as they will try again".
Megafon, a top Russian mobile operator, also said it has come under cyberattacks that appeared similar to those that crippled United Kingdom hospitals on Friday.
"Ransomware is traditionally their topic", he said.