But no new large-scale outbreaks have been reported, and British officials said a feared second wave of infections had not materialised. The new infections were largely in Asia, which had been closed for business when the malware first struck. In Britain, where the health service was among the first high-profile targets of the online extortion scheme, Health Secretary Jeremy Hunt said "we have not seen a second wave of attacks". He said "the level of criminal activity is at the lower end of the range that we had anticipated".
The malware, known as "WannaCry," paralysed computers running factories, banks, government agencies and transport systems, hitting 200,000 victims in more than 150 countries. Among those hit were Russia's Interior Ministry and companies including Spain's Telefonica and FedEx in the US. Though the spread of the ransomware slowed on Monday, many companies and government agencies were still struggling to recover from the first attack. Carmaker Renault said one of its French plants, which employs 3,500 people, was not reopening Monday as a "preventative step".
Britain's National Health Service said about a fifth of NHS trusts were hit by the attack on Friday, leading to thousands of cancelled appointments and operations. Seven of the 47 affected trusts were still having IT problems on Monday. The British government denied allegations that lax cybersecurity in the financially stretched, state-funded health service had helped the attack spread. Prime Minister Theresa May said "warnings were given to hospital trusts" about the Microsoft vulnerability exploited by the attackers.
Nissan in Japan said some units had been targeted by the global cyber attack but there was no major impact on its business
NHS Digital, which oversees U.K. hospital cybersecurity, said it sent alerts about the problem - and a patch to fix it - to health service staff and IT professionals last month. Tim Stevens, a lecturer in global security at King's College London, warned that the incident should be a wake-up call to both the public and private sectors to incorporate security into computer systems from the ground up, rather than as an afterthought. "This thing cannot be brushed under the carpet," he said. "It is so visible and so global. There is going to have to be change at levels where change can be made." In Asia, where Friday's attack occurred after business hours, thousands of new cases were reported on Monday as people came back to work.
The Japan Computer Emergency Response Team Coordination Centre, a non-profit group, said 2,000 computers at 600 locations in Japan were affected. Companies including Hitachi and Nissan Motor Co reported problems but said they had not seriously affected their operations. Chinese state media said 29,372 institutions there had been infected along with hundreds of thousands of devices. Universities and other educational institutions in China were among the hardest hit, possibly because schools tend to have old computers and be slow to update operating systems and security, said Fang Xingdong, founder of ChinaLabs, an internet strategy think tank.
MORE