No fewer than 150 countries have so far been hit in the biggest cyber-attack the world has ever witnessed.
The attack which began on Friday is still claiming victims and there are fears that the attack could be worse on Monday when people return to work.
The head of the European Union’s law enforcement agency Europol, speaking on British TV on Sunday, said Friday’s attack was “unprecedented” in its reach, with more than 200,000 victims in at least 150 countries.
“At the moment, we’re in the face of an escalating threat, the numbers are going up,” Europol director Rob Wainwright told ITV’s Peston on Sunday program.
“I’m worried about how the numbers will continue to grow when people go to work and turn their machines on Monday morning.”
Organizations around the world have spent the weekend trying to recover after being hit by a virus that seeks to seize control of computers until victims pay a ransom.
Hospitals, major companies and government offices were among those that were badly affected. Cyber-security experts have said the majority of the attacks targeted Russia, Ukraine and Taiwan.
But U.K. hospitals, Chinese universities and global firms like Fedex (FDX) also reported they had come under assault.
Security experts said the spread of the virus had been inadvertently stopped late Friday. The ransomware was designed to repeatedly contact an unregistered domain in its code.
A 22-year-old security researcher in the U.K, who goes by MalwareTech, registered that domain to analyze the attack, but it turned out the ransomware needed it to remain unregistered to keep spreading.
However, a hacker could change the code to remove the domain and try the ransomware attack again.
And it has potential to create much more damage because it’s likely to be lurking on computers in offices around the world that haven’t been used since Friday. Copycat attacks could follow.
U.S. Treasury Secretary Steven Mnuchin, at a meeting in Italy, said Saturday the attack was a reminder of the importance of cybersecurity.
“It’s a big priority of mine that we protect the financial infrastructure,” he said.
Europol’s Wainwright underscored the point Sunday. All sectors of the economy were vulnerable and organizations could take lessons from the banking industry, which appeared to have largely escaped the global attack.
“Very few banks if any have been affected because they’ve learned from painful experience of being the number one target for cybercrime,” he said.
The ransomware, called WannaCry, locks down files on an infected computer and asks the computer’s administrator to pay in order to regain control of them.
The exploit was leaked last month as part of a trove of NSA spy tools.
The ransomware is spread by taking advantage of a Windows vulnerability that Microsoft (MSFT, Tech30) released a security patch for in March.
But computers and networks that hadn’t updated their systems were still at risk.
In the wake of the attack, Microsoft said it had taken the “highly unusual step” of releasing a patch for computers running older operating systems including Windows XP, Windows 8 and Windows Server 2003.
The patches won’t do any good for machines that have already been hit.
On Saturday, experts said it appeared that the ransomware had made just over $20,000, although they expected that number to pop when people went back into the office Monday.
Security agencies have so far not been able to identify who was behind the attack. Wainwright said Europol did not know the motive.
He added that ransomware attacks were normally criminal rather than political in nature. “Remarkably few payments” had so far been made in response to this attack, he added.
Read more: CNN