Bob Wainright, the head of Europol, the co-ordinating organisation for police forces in Europe, has warned that Friday’s cyber attack on Windows computers is not over.
Mr Wainwright said that the ransomware - software that blocks access to data until a ransom is paid - was combined with a worm application - a program that replicates itself in order to spread to other computers.
This, he said, was allowing the "infection of one computer to quickly spread across the networks".
He added: "That's why we're seeing these numbers increasing all the time.
The attack was initially brought to a halt when a computer blogger accidentally triggered a “kill switch”.
The researcher first noticed that the malware was trying to contact a specific web address every time it infected a new computer.
But the web address it was trying to contact - a long jumble of letters - had not been registered.
MalwareTech decided to register it, and bought it for $10.69 (£8). Owning it would let him see where computers were accessing it from, and give him an idea of how widespread the ransomware was.
The hackers have since modified the malware so that this temporary fix will no longer stop the spread. Microsoft has now issued a further patch and, importantly, one for Windows XP which it has not supported for a couple of years or more.
A number of experts are warning that the start of business on Monday will see a further wave of attacks as people open infected computers.
A number of organisations have been hit. The NHS in England and to a lesser extent in Scotland has had disruption. Scheduled operations have been cancelled. The NHS has sent recommendations to doctors’ surgeries. Several hospital trusts (which run NHS hospitals in England) are still affected but it is hoped most will be back to more or less normal on Monday. Other victims include Deuche Bahn, the German national railway (which has had to resort to chalk written departure boards), FedEx, Telefonica (the Spanish telecommunications company) and even the Russian interior ministry.
A quick reminder: while current Windows versions have Defender, many people prefer to install other anti-virus programs. There are a number of free ones available on line; usually cut down but still effective versions of their full product withouts some of the “bells and whistles”.