The attack used a Windows exploit known as EternalBlue.
United Kingdom security researcher "MalwareTech", who helped to limit the ransomware attack, predicted "another one coming... quite likely today".
The non-profit US Cyber Consequences Unit research institute estimated that total losses from the attack would range in the hundreds of millions of dollars, but not exceed $1 billion. The latest count is over 200,000 victims in at least 150 countries, and those victims, many of those will be businesses, including large corporations.
"We will get a decryption tool eventually, but for the moment, it's still a live threat and we're still in disaster recovery mode", Europol director Rob Wainwright told CNN on Sunday.
The indiscriminate attack, which began Friday, struck banks, hospitals and government agencies in more than 150 countries, exploiting known vulnerabilities in old Microsoft computer operating systems.
"It was early morning Saturday for us, and that meant the bulk of us weren't at our keyboards", the prime minister's cyber security adviser Alastair MacGibbon said.
That original software was created by US National Security Agency hackers and kept for their own use - until it was exposed in a massive leak of NSA data in April.
Meanwhile, the New Zealand government communications security bureau said it had not received any reports of the malware infection.
Several hospitals in London and other parts of England and Scotland were affected and some reportedly halted surgeries amid fears the lives of patients were at risk.More news: British Columbia Liberals hang on to win minority government
More news: Diamondbacks C Iannetta placed on concussion DL
More news: Fan banned from Fenway Park after using racial slur
However, he said that so far "remarkably" few payments had been made by victims of the attack.
He said tech companies, customers and the government need to "work together" to protect against attacks.
The attack, called WannaCry (or WannaCrypt), is a lesson to both the IT industry and consumers, Microsoft's President and Chief Legal Officer Brad Smith argued in a blog post Sunday.
As almost 45 NHS organisations from London to Scotland were hit in the "ransomware" attack on Friday, patients of the state-funded countrywide service faced chaos as appointments and surgeries had to be cancelled.
Around a fifth of NHS trusts were hit in the attack, forcing them to postpone operations and procedures over the weekend.
According to a report in ZeroHedge, ATMs in China are being affected by the ransomware.
Symantec said the majority of organisations affected were in Europe.
Vicente Diaz, a security analyst at Kaspersky, said big companies would have spent the weekend implementing such measures, but smaller firms without a dedicated security team could still suffer from the malware.