Britain's National Cyber Security Centre has warned that Friday's global cyber attack could spread "significantly" as computer systems and networks come online at the start of the working week.
The warning follows what the NCSC called a "coordinated ransomware attack", now known as 'WannaCry' that is estimated to have affected more than 200,000 computers across 150 countries around the world since its initial launch Friday.
"Since the global coordinated ransomware attack on thousands of private and public sector organisations across dozens of countries on Friday, there have been no sustained new attacks of that kind," the NCSC said. "But it is important to understand that the way these attacks work means that compromises of machines and networks that have already occurred may not yet have been detected, and that existing infections from the malware can spread within networks."
"This means that as a new working week begins it is likely, in the UK and elsewhere, that further cases of ransomware may come to light, possibly at a significant scale," the NCSC said.
Friday's attack escalated via combined ransomware techniques with code that spread through recently uncovered weaknesses in Microsoft (MSFT - Get Report) Windows and, although Microsoft had repaired the vulnerability, computers worldwide had not been patched and fell victim to the hackers.
"The big thing out here is the fact that ransomware was coupled with a spreading mechanism which impacted organizational networks," Vikram Thakur, technical director at Symantec (SYMC - Get Report) , said regarding the ransomware wave.
"People received emails in an unsuspecting manner (and) clicked on a link or opened an attachment that started the whole chain of events," Thakur said. "The malware software encrypted files on a victim's computer ... but also went on to look for other computers on the same network that could be infected and subsequently used to encrypt files on them."
Britain's National Health Service, one of the largest state-run systems in the world, was also one of the most significant victims of the attack, with nearly 60 of the U.K. 'Trusts', or regional hospital networks, affected.
The ransomware locks users' computers and demands a $300 payment in order to re-gain access. The disruption caused chaos in the healthcare service on Friday and over the weekend, forcing the cancellation of surgeries, appointments and assessments and creating a backlog in emergency care wards around the country.