The unprecedented global cyberattack has hit more than 200,000 victims in scores of countries, Europol said Sunday, warning that the situation could escalate when people return to work. The most disruptive attacks infected Britain's public health system, where surgeries had to be rescheduled and some patients were turned away from emergency rooms.
Cyber security experts predict that the scope of the attack could expand as people return to work and resume their work on computers, CNN reported on Monday.
The U.K.'s National Cyber Security Centre said Sunday that there have been "no sustained new attacks" of the kind that struck Friday.
He said it was unclear so far how it had started but ransomware generally spread via a few different methods.
Ransomware exploits a vulnerability in Microsoft Windows software, first identified by the US National Security Agency.
The malware, using a technique purportedly stolen from the US National Security Agency, stopped care Friday at hospitals across the United Kingdom, affected Russia's Ministry of Interior and infected company computer systems in countries from Eastern Europe to the US and Asia.
Worldwide investigators are hunting for those behind an unprecedented cyber-attack that affected systems in dozens of countries, including at banks, hospitals and government agencies, as security experts sought to contain the fallout.
But from there, WannaCry exploits a fault in Microsoft's Windows system to spread quickly around an organisation's internal network.More news: Tillerson: Trump weighs embassy move impact on Mideast peace
More news: Short-handed Wizards aim to even series vs. Celtics
More news: US Senate Democrats may refuse to vote on Trump FBI pick: Schumer
U.S. software firm Symantec said that part-way through Saturday, transactions totalling $28,600 had taken place through the five Bitcoin addresses used by the ransomware.
The ransomware encrypted data on the computers, demanding payments of $300 to $600 to restore access.
The 22-year-old British cyber researcher who found the kill switch said he was now looking into a possible second wave of attacks.
That original software was created by US National Security Agency hackers and kept for their own use - until it was exposed in a massive leak of NSA data in April.
The malware, also known as WannaCry, hit systems in other countries as well, including the United States and Russian Federation.
Back up computers. This doesn't stop a computer from being attack but effectively renders it ineffective because it is easy to re-install the system from a backup should it become locked by ransomware. Microsoft has issued a statement saying that it has developed and released a special update for Windows XP although it does not service this particular version of its operating system anymore.
He added: "The governments of the world should treat this attack as a wake-up call".
Robert Pritchard, a former cybersecurity expert at Britain's defense ministry, said hackers are staying ahead of governments and companies.