The "kill" function halted WanaCryptor's ability to copy itself rapidly to all terminals in an infected system - hastening its crippling effect on a large network - once it was in contact with a secret internet address, or URL, consisting of a lengthy alphanumeric string.
"We're in the face of an escalating threat, the numbers are going up", he said, and added that the current attack was unprecedented. "The numbers are going up, I am anxious about how the numbers will continue to grow when people go to work and turn (on) their machines on Monday morning", Europol Director Rob Wainwright said. The company said the virus has been localized and "technical work is underway to destroy it and update the antivirus protection".
The majority of the attacks targeted Russia, Ukraine and Taiwan.
On Sunday, Chinese media reported that students at several universities were hit by the virus, which blocked access to their thesis papers and their dissertation presentations.
The identity of the hacker who perpetrated the wave of attacks remains unknown.
The ransom demand from the attack is between $300 to $600, and the post noted that there is code to "delete files" in the ransomware.
It remained unclear how many organizations had already lost control of their data to the malicious software - and researchers warned that copycat attacks could follow.
U.S. Treasury Secretary Steven Mnuchin, at a meeting of world leaders in Italy, said the attack was a reminder of the importance of cybersecurity.
Speaking to ITV's Robert Peston, Mr Ashworth accused the government of having "cut the IT and infrastructure budget" by £1bn in the NHS, and said his party, if elected to power, would put £10bn into the infrastructure of the NHS.
The head of the European police agency Europol, Rob Wainwright answers questions at The Hague, Netherlands, Jan. 16, 2015.
The NSA has also been held partly to blame for the attack because it had not alerted Microsoft about the weakness in its system until the NSA's software that exploited it had been stolen and leaked to the public.More news: Microsoft unveils new Surface laptop featuring Windows 10 S
More news: Condoleezza Rice says North Korea's leader may be "a little unhinged"
More news: President Trump Jokes That He & Rosie O'Donnell 'Finally' Agree, Rosie Responds
Around a fifth of trusts were hit, with six still affected 24 hours later, amid concerns networks were left vulnerable because they were still using outdated Windows XP software.
Always update systems and software with the latest security updates.
But the patches won't do any good for machines that have already been hit.
Europol has said it is working with the US Federal Bureau of Investigation to find those responsible, and that more than one person was likely to be involved.
Expects cautioned, however, that the criminals who pushed the ransomware to the world might be able to disable the "kill" switch in future versions of their malware.
"The recent attack is at an unprecedented level and will require a complex global investigation to identify the culprits", said Europol, Europe's police agency.
Given the attack's widespread nature, even such a small sum would stack up quickly, though few victims seem to be paying up so far.
National Health Service: At least sixteen NHS organizations have been hit, according to NHS Digital.
Britain's National Health Services first sounded the ransomware alarm Friday.
"It was a promise over the parliament, over the five years, we are only two years into the old parliament and I can assure you that we are spending a lot of money on recruiting but also on giving the armed forces the equipment they need". FedEx said it was "experiencing interference", the Associated Press reported.
"We see all the finger-pointing at the usual suspects, saying it's probably people in Russian Federation or China, but, to quote Sherlock Holmes, it's not really a good idea to guess without the evidence", Gazeley said.
Hong Kong-based Ivezic said that the ransomware was forcing some more "mature" clients affected by the worm to abandon their usual cautious testing of patches "to do unscheduled downtime and urgent patching, which is causing some inconvenience".