The threat from the cyber attack that crippled worldwide services "will continue to grow" as people return to work on Monday, the head of Europol warned.
Europol described the cyber-attack as "unprecedented" and said its cyber-crime team was working with affected countries to "mitigate the threat and assist victims".
Europol said a special task force at its European Cybercrime Centre was "specially created to assist in such investigations and will play an important role in supporting the investigation". It demands users pay United States dollars 300 worth of cryptocurrency Bitcoin to retrieve their files, though it warns that the payment will be raised after a certain amount of time. And the hackers warned that they would delete all files on infected systems if no payment was received within seven days. Some experts think hackers might be trying to manipulate the currency to boost profits.
The list of institutions affected is expected to grow as more become aware of hacks or if more variants spread infections.
He said Russian Federation and India were hit particularly hard, largely because Microsoft's Windows XP - one of the operating systems most at risk - was still widely used there.
This includs penetrating defensive systems, interception and surveillance of communications, and developing ways to degrade and interrupt civil infrastructure, the officials reportedly said.
The culprits used a digital code believed to have been developed by the US National Security Agency-and subsequently leaked as part of a document dump, according to researchers at the Moscow-based computer security firm Kaspersky Lab. He said the situation was under control.
The latest malware, called WannaCrypt or WannaCry, is spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. Researchers from three security firms dismissed initial reports on Saturday that a new version of WannaCry/WannaCrypt had emerged, saying this was based on a rushed analysis of code data that proved erroneous. It said he paid about $11 on Friday to buy a domain name that may have saved governments and companies around the world millions.
The effects were felt around the globe, disrupting computers that run factories, banks, government agencies and transport systems in nations as diverse as Russia, Ukraine, Brazil, Spain, India and the U.S. Britain's National Health Service was hit hard, while Russia's Interior Ministry and companies including Spain's Telefonica, FedEx Corp.in the U.S. and French carmaker Renault all reported disruptions.
A display panel with the attack running can be seen Friday at the main railway station in Chemnitz, Germany. Universities in Greece and Italy also were hit.
A spokesman for En Chu Kong Hospital in Sanxia, New Taipei said no patient medical data were affected by the virus, and the computer program has been reformatted.
"Just patch their systems as soon as possible", MalwareTech said.
Britain's National Cyber Security Center and others were hailing the cybersecurity researcher, a 22-year-old identified online only as MalwareTech, who - unintentionally at first - discovered a so-called "kill switch" that halted the unprecedented outbreak.
"If you have anything to patch, patch it", the researcher said in a blog post.
Israeli Prime Minister Benjamin Netanyahu also discussed the cyber threat today.
Hundreds of hospitals and clinics in the British National Health Service were infected on Friday, forcing them to send patients to other facilities.
"This particular attack was relatively easy to shut down", said Bryce Boland, Asia Pacific chief technology officer for FireEye, a cybersecurity company.
"People who have GP appointments should turn up as normal but please bear in mind that your practice may not be able to access information required to meet all of your needs, you might be asked to return at a later date and things might take longer than usual".