Colchester General Hospital, for example, has shut down all computer systems as a precautionary measure, Sky News reports, and issued a statement saying it was "postponing all non-urgent activity for today and we are asking people not to come to A&E".
The scope of the attacks was not immediately clear, but some analysts reported that dozens of countries had been affected, with the malware linked to attacks on hospitals in Britain as well as the Spanish telecom giant Telefonica and the United States delivery firm FedEx. Links to the updates can be found in Microsoft's announcement. Home Secretary Amber Rudd said all but six of the NHS trusts back to normal Saturday. Along the side of the window are threats including a timeline of when users' files will be lost and a deadline for an increased ransom price.
"The recent attack is at an unprecedented level and will require a complex worldwide investigation to identify the culprits", said Europol, Europe's police agency.
It was not yet known who perpetrated Friday's attacks.
Also badly hit was Britain's National Health Service, which declared a "major incident" after the attack, which forced some hospitals to divert ambulances and scrap operations.
"Both staff and patients were frankly pretty appalled that somebody, whoever they are, for commercial gain or otherwise, would attack a health care organization", he said. A large cyberattack crippled computer systems at hospitals across England on Friday, with appointments canceled, phone lines down and patients turned away.
Security officials in Britain urged organizations to protect themselves from ransomware by updating their security software fixes, running anti-virus software and backing up data elsewhere.
The attack infected computers with what is known as "ransomware", software that locks up the user's data and flashes a message demanding payment to release it. Russia's health ministry said its attacks were "effectively repelled".
The global ransomware attack came a day after President Donald Trump signed an executive order aimed at tightening US cybersecurity. A spokeswoman said the company was "doing what is needed to counter this attack". Radio Slovenia said Saturday the Revoz factory in the southeastern town of Novo Mesto stopped working Friday evening to stop the malware from spreading - and was working with the central office in France to resolve the problem.
The hackers, who have not come forward to claim responsibility or otherwise been identified, likely made it a "worm", or self spreading malware, researchers with several private cyber security firms said.
The security holes it exploits were disclosed several weeks ago by TheShadowBrokers, a mysterious group that has published what it says are hacking tools used by the NSA.
Many companies and individuals have not installed the fixes yet or are using older versions of Windows that Microsoft no longer supports and did not fix.
In the U.S., FedEx Corp. reported that its Windows computers were "experiencing interference" from malware, but wouldn't say if it had been hit by ransomware.
The Spanish media reported that Telefonica bore the brunt of the attack, which caused the crash of the computers of Telefonica personnel at the company's Madrid headquarters, leaving them with blue screens and also halting other devices.
It said the attacks had not affected the companies' services or data protection of their clients.