Britain's National Health Service (NHS) fell victim, its hospitals forced to close wards and emergency rooms and turn away patients.
But by then, this crypto-ransomware, also called WannaCrypt, had hit at least 45,000 computers spread over 74 countries demanding a $300 ransom in Bitcoins to restore access to these devices and the information inside.
NHS Digital, which oversees United Kingdom hospital cybersecurity, says the attack used the Wanna Decryptor variant of malware, which infects and locks computers while the attackers demand a ransom.
Capitalising on spying tools believed to have been developed by the U.S. National Security Agency, the cyber assault has infected tens of thousands of computers in almost 100 countries, with Britain's health system suffering the worst disruptions.
Spain's Telefonica was among the companies hit.
Some 1,000 Windows-operated PCs were affected, which is less than one percent of the total number of such computers in the ministry, spokeswoman Irina Volk said in a statement.
"Despite warnings, (NSA) built unsafe attack tools that could target Western software", Snowden said.
With the cyber attack, the software of NHS was blocked and doctors were blocked from patient files. It had been developed by the NSA to gain access to computers used by terrorists and enemy states.
"Like many other companies, FedEx is experiencing interference with some of our Windows-based systems caused by malware".
"The investigation is at an early stage but we believe the malware variant is Wanna Decryptor", officials at NHS Digital said Friday in a statement.
A number of Spanish firms were among the apparent victims elsewhere in Europe.More news: How the Outcome of the French Election Will Impact Europe
More news: Trump suggests he might drop daily press briefings
More news: North Korea Open To US Talks Under Right Conditions
"We apologise to those patients affected and we are working hard to resolve the issues as soon as possible." .
Ransomware programmes, which are sent by email and spread swiftly, can be bought on the dark web with sellers negotiating a percentage of the takings.
A cyber attack is when computer systems are deliberately damaged or disrupted by people.
Portugal Telecom, the delivery company FedEx and a Swedish local authority were also affected.
"I'm watching how far this propagates and when governments get involved", he said.
The security holes it exploits were disclosed several weeks ago by The Shadow Brokers, a mysterious group that has published what it says are hacking tools used by the National Security Agency as part of its intelligence-gathering.
The virus is said to attack computers on an internal network, as is the case with Telefonica, without affecting clients.
"I believe many companies have not yet noticed", said William Saito, a cyber security adviser to Japan's government.
The US Department of Homeland Security said on Friday that the patch, released by Microsoft on March 16, "addresses this specific vulnerability, and installing this patch will help secure your systems from the threat".
However, working alongside Darien Huss from security firm Proofpoint, a British cyber security researcher managed to find a "kill switch" built into the software on Friday, stemming the flow of attacks.
This attack most likely occurred because some hospitals and other affected organizations may not have applied a patch that Microsoft released or were using outdated operating systems that the software giant no longer supports, Woodward said. "Seeing a large telco like Telefonica get hit is going to get everybody anxious", said Chris Wysopal, chief technology officer with cyber security firm Veracode.