The UK could be hit by another cyber attack tomorrow, a security researcher who halted the spread of ransomware during Friday’s worldwide attack has warned.
The British blogger, 22, whose real identity remains hidden, located and inadvertently activated a “kill switch” in the malicious software.
The man, known as MalwareTech, has predicted that another attack is coming “quite likely on Monday”.
The virus spread to 100 countries on Friday, including Russia, France, Spain and the US.
Thousands of systems were affected worldwide, including the NHS, with 48 NHS trusts falling victim in England and another 13 bodies in Scotland.
A number of hospitals in England and Scotland were forced to cancel procedures.
Around a fifth of trusts were hit, with six still affected 24 hours later, amid concerns networks were left vulnerable because they were still using outdated Windows XP software.
Medical staff reported seeing computers go down “one by one” as the attack took hold, locking machines and demanding money to release the data.
On Saturday Home Secretary Amber Rudd urged NHS trusts to upgrade their computer systems after it was reported that 90% of NHS hospitals are still using Windows XP.
MalwareTech told the BBC: “It’s very important that people patch their systems now.
“We have stopped this one, but there will be another one coming and it will not be stoppable by us.
“There’s a lot of money in this. There’s no reason for them to stop. It’s not really much effort for them to change the code and then start over.
“So there’s a good chance they are going to do it... maybe not this weekend, but quite likely on Monday morning.”
Investigators are now working non-stop to hunt down those responsible for the Wanna Decryptor ransomware, also known as WannaCry.
Oliver Gower, of the National Crime Agency, said: “Cyber criminals may believe they are anonymous but we will use all the tools at our disposal to bring them to justice.”
Speaking after a Cobra meeting on Saturday, Rudd admitted “there’s always more” that can be done to protect against viruses.
She said: “If you look at who’s been impacted by this virus, it’s a huge variety across different industries and across international governments.
“This is a virus that attacked Windows platforms. The fact is the NHS has fallen victim to this.
“I don’t think it’s to do with that preparedness. There’s always more we can all do to make sure we’re secure against viruses, but I think there have already been good preparations in place by the NHS to make sure they were ready for this sort of attack.”
NHS Digital, which manages the health service cyber security, said fewer than 5% of devices within the health service still use the old system Windows XP.
Just one day before the attack Dr Krishna Chinthapalli, a registrar in London, warned in a British Medical Journal article that some hospitals “will almost certainly be shut down by ransomware this year”.