The ransomware appeared to exploit a vulnerability in Microsoft Windows that was purportedly identified by the U.S. National Security Agency for its own intelligence-gathering purposes and was later leaked to the internet.
Krishna Chinthapalli, a doctor at Britain's National Hospital for Neurology & Neurosurgery who wrote a paper on cybersecurity for the British Medical Journal, said many British hospitals still use Windows XP software, introduced in 2001.
"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem".
Microsoft said that the exploit code used by WannaCry was designed to work only against unpatched Windows 7 and Windows Server 2008, or even earlier systems such as Windows XP.
Microsoft took the unusual step late Friday of making free patches available for older Windows systems, such as Windows XP from 2001.
If you're running Windows 8.1, Windows 7 or Windows Vista and you have automatic updates enabled, your computer will have downloaded protection against this vulnerability in March.
Senior U.S. security officials held another meeting in the White House Situation Room on Saturday, and the Federal Bureau of Investigation and the National Security Agency were working to help mitigate damage and identify the perpetrators of the massive cyber attack, said the official, who spoke on condition of anonymity to discuss internal deliberations.
The attack held hospitals and other entities hostage by freezing their computers, encrypting their data and demanding money through online bitcoin payment - $300 at first, rising to $600 before it destroys files hours later.
If you're facing a ransom demand and are locked out of your files, law enforcement and cybersecurity experts discourage paying ransoms because it gives incentives to hackers and pays for their future attacks.
"If Kaspersky Lab's solution is used, ensure that it includes the 'System Watcher', a behavioural proactive detection component, and that it is switched on", Altaf Halde, Managing Director of Kaspersky Lab (South Asia), told IANS. "You're only safe if you patch as soon as possible", he tweeted.
The ransomware will specifically scan for unpatched machines that have the Server Message Block vulnerability exposed.
"We can certainly expect follow-on attacks. It can be tough to tell which patch is important, until it is too late".
It added: "The governments of the world should treat this attack as a wake-up call".
The ransomware also spreads through malicious e-mail attachments.
"Upon learning of these incidents, McAfee quickly began working to analyse samples of the ransomware and develop mitigation guidance and detection updates for its customers".
"But there are obviously many, many computers out there and some people still, I feel, will not think that they need to patch their computer, so if an attack like this occurs again, there will still be infections".
If you are running Windows 10, your computer won't be affected.
Always make sure your files are backed up.
Other tips: consider installing security software if you don't have it already, and back up your computer to the cloud or an external hard drive.
Low-end criminals take advantage of less-savvy users with these viruses, even though malware is constantly changing and antivirus is frequently days behind detecting it.