Microsoft makes fixes free in wake of cyberattack

The ransomware called

The ransomware called"WannaCry" is spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. But computers and networks that haven't updated their systems are at risk

He added that the agency is still analyzing the virus and has yet to identify who is responsible for the attack.

"Cyber attacks have already become a kind of industry", cyber security researcher Yang Xiang from Deakin University in Australia told ABC News.

Europol, the pan-European Union crime-fighting agency, said the threat was escalating and predicted the number of "ransomware" victims was likely to grow across the private and public sectors as people returned to work on Monday.

Tempting as it may be in order to resolve your crisis quickly, law enforcement and cybersecurity experts don't recommend paying the ransom.

Hospitals, major companies and government offices were among those that were badly affected.

Severine Arsene, an Internet expert at the French Centre for Research on Contemporary China, said the announcement, which noted the virus was "detected overseas", is in line with China's current rhetoric around cybersecurity. A top mobile operator said Friday that it had been hit by cyperattacks similar to those that crippled some United Kingdom hospitals.

U.S. Treasury Secretary Steven Mnuchin, at a meeting in Italy, said Saturday the attack was a reminder of the importance of cybersecurity.

"That's why we're seeing these numbers increasing all the time", he said.

Europol's Wainwright underscored the point Sunday. Although Microsoft has issued a patch to address the vulnerability and reports indicate that the spread of this version of Wannacry has been stemmed for the time being, this certainly won't be the last ransomware attack we see.

Senior US security officials held another meeting in the White House situation room on Saturday, and the Federal Bureau of Investigation and the National Security Agency were working to help mitigate damage and identify the perpetrators of the attack, said the official, who spoke on condition of anonymity to discuss internal deliberations.

The attack held users hostage by freezing their computers, encrypting their data and demanding money through online bitcoin payment - $300 at first, rising to $600 before it destroys files hours later. WannaCry should not have reached disastrous proportions - Microsoft released a patch that could close the vulnerability in March, well before the NSA's tool was released in usable form.

This extends to not grumbling when your system administrator at work takes the network down periodically to update systems, which usually includes installing new and often software patches.

"Right now, just about every IT department has been working all weekend rolling this out", Dan Wire, spokesman at Fireeye Security, said.

"In cases of genuine URLs close out the e-mail and go to the organisation's website directly through browser", it said.

The cyber-attack has disrupted NHS services in parts of England and Scotland since Friday afternoon.

The head of Turkey's Information and Communication Technologies Authority or BTK says the nation was among those affected by the ransomware attack.

Mikko Hypponen, chief research officer at the Helsinki-based cybersecurity company F-Secure, said ransomware attacks like WannaCry are "not going to be the norm". The agency could have notified Microsoft back then, enabling the company to close the security hole and protect its millions of users.

Experts say it will be hard for them to replicate the conditions that allowed the so-called WannaCry ransomware to proliferate across the globe.

"We have confirmed additional infections in several additional countries (apart from the UK), including Russia, Ukraine, and India", it said in a report.

It said Sunday that a similar cyberattack could also recur, though it did not have "specific evidence" of this.

According to Matthew Hickey, founder of the security firm Hacker House, the attack is not surprising, and it shows many organizations do not apply updates in a timely fashion. Here's how to turn automatic updates on. Soon after the leak, hackers infected thousands of vulnerable machines with a backdoor called DOUBLEPULSAR.