'While this protected newer Windows systems and computers that had enabled Windows Update to apply this latest update, many computers remained unpatched globally. Among those hit were Russia's Interior Ministry and companies including Spain's Telefonica and FedEx Corp.in the U.S.
As a loose global network of cybersecurity experts fought the ransomware hackers, in China, state media said more than 29,000 institutions had been infected along with hundreds of thousands of devices.
Government agencies and universities were among those hit as well as petrol stations, ATMs and hospitals, it said.
Europol executive director Rob Wainwright had warned yesterday the situation could worsen when workers return to their offices on Monday after the weekend and logged on.
"We've never seen anything like this", the head of the European Union's policing agency told Britain's ITV television Sunday, calling its reach "unprecedented".
"At the moment, we are in the face of an escalating threat".
In France, auto manufacturer Renault said one of its plants, which employs 3,500 people in Douai, northern France, wasn't reopening Monday as technicians continued to deal with the aftermath of the global cyberattack. 'This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem, ' he claimed in the announcement.
Payment is demanded within three days or the price is doubled, and if none is received within seven days the locked files will be deleted, according to the screen message. While some companies did not report damages to the government, South Korea was yet to see crippling damages, he said.
Security firm Digital Shadows said on Sunday that transactions totaling $32,000 had taken place through Bitcoin addresses used by the ransomware. We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits. A month prior, on March 14, Microsoft had released a security update to patch this vulnerability and protect our customers, ' explained Microsoft's president and chief legal officer Brad Smith in a blog post analysing the attack.
"An equivalent scenario with conventional weapons would be the United States military having some of its Tomahawk missiles stolen".
Microsoft declared the attack a "wake-up call" for governments across the world.
The attack is unique, according to Europol, because it combines ransomware with a worm function, meaning once one machine is infected, the entire internal network is scanned and other vulnerable machines are infected.
"This was like a weapon of mass destruction compared to previous ransomware because it was able to spread on its own, very quickly, over a vulnerability that was largely unpatched".
"One thing that is very important to stress is that there is no evidence that there has been any patient data compromised, so patient confidentiality hasn't been affected, but of course there will have been an impact on patients with some appointments cancelled", she said.
"Hundreds of thousands" of Chinese computers at almost 30,000 institutions including government agencies have been hit by the global ransomware attack, a leading Chinese security-software provider has said, though the Asian impact has otherwise been relatively muted.