The biggest cyber attack the world has ever seen is still claiming victims and threatens to create even more havoc when people return to work. The attack is a virus that locks people out of their computer files until they pay a ransom to the hackers.
Experts say the spread of the virus had been stymied by a security researcher in the U.K. Hackers have issued new versions of the virus that cyber security organizations are actively trying to counter and stamp out.
“We will get a decryption tool eventually, but for the moment, it’s still a live threat and we’re still in disaster recovery mode,” Rob Wainwright, the head of the European Union’s law enforcement agency Europol, told CNN’s Becky Anderson on Sunday. He added that the agency is still analyzing the virus and has yet to identify who is responsible for the attack.
The U.K.’s National Cyber Security Centre said Sunday that there have been “no sustained new attacks” of the kind that struck Friday.
But the agency added that some infections may not yet have been detected, and that existing infections can spread within networks.
Wainwright said earlier on British TV that the attack was “unprecedented” in its reach, with more than 200,000 victims in at least 150 countries.
Organizations around the world spent the weekend trying to recover after being hit by a virus that seeks to seize control of computers until victims pay a ransom.
Hospitals, major companies and government offices were among those that were badly affected. Cybersecurity experts have said the majority of the attacks targeted Russia, Ukraine and Taiwan. But U.K. hospitals, Chinese universities and global firms like Fedex () also reported they had come under assault.
The ransomware is spread by taking advantage of a Windows vulnerability that Microsoft (Tech30) released a security patch for in March. But computers and networks that hadn’t updated their systems were still at risk.,
In the wake of the attack, Microsoft said it had taken the “highly unusual step” of releasing a patch for computers running older operating systems including Windows XP, Windows 8 and Windows Server 2003.
WannaCry has already caused massive disruption around the globe.
Sixteen National Health Service organizations in the U.K. were hit, and some of those hospitals canceled outpatient appointments and told people to avoid emergency departments if possible.
Barts Health, which runs five hospitals in London, said Sunday it was still experiencing disruption to its computer systems and it asked for the public to use other NHS services wherever possible.
In China, the internet security company Qihoo360 issued a “red alert” saying that a large number of colleges and students in the country had been affected by the ransomware, which is also referred to as WannaCrypt. State media reported that digital payment systems at some gas stations were offline, forcing customers to pay cash.