But when Asia opened for business on Monday, not much happened.
Russian Federation and Britain were among the worst-hit countries by the attack. "We don't have a precedent for something of this scale (in China)", said Marin Ivezic, a cybersecurity expert at PwC in Hong Kong.
Friday's global cyber-attack has affected more than 200,000 victims in 150 countries, Europol chief Rob Wainwright said on Sunday. Among those hit were Russia's Interior Ministry and companies including Spain's Telefonica and FedEx Corp.in the U.S.
The auto manufacturer had to halt production at sites in France, Slovenia and Romania as part of measures to stop the spread of the virus.
NHS Digital was offering 24/7 support to hospitals affected by the attack, nothing that the "vast majority of NHS organizations" are running contemporary systems.
Dr Anne Rainsberry, national incident director at NHS England, said: "There are encouraging signs that the situation is improving, with fewer hospitals having to divert patients from their A&E units".
"The EternalBlue exploit is part of a bigger leak called "Lost In Translation" that packs multiple vulnerabilities ranging from simple annoyances to extremely severe ones", Bogdan Botezatu, senior e-threat analyst at Bitdefender, said by email.
"While a massive ransomware outbreak does serve as a kick in the behind, taking action is not always as simple as it sounds and WannaCry can not be described as a "good thing" under any circumstances", Lee Munson of Comparitech told IBTimes UK via email. "It is so visible and so global".
Experts said it appeared that the ransomware had made just over $32,000, although they expected that number to pop when people went back into the office Monday.
"The numbers are still going up", Wainwright said. Japanese broadcaster NTV reported 600 companies in that country had been hit, and automaker Nissan and the Hitachi conglomerate said they were addressing the problem at their units that were affected.
Gas stations: State-run media in China reported that some gas stations saw their digital payment systems shut down, forcing customers to bring cash.
People are advised to attend any hospital or doctor appointments as normal, unless they are contacted and told not to.
But he also blamed the governments.
The indiscriminate attack was unleashed Friday, striking hundreds of thousands of computers worldwide by exploiting known vulnerabilities in older Microsoft computer operating systems.
The attack blocks computers and puts up images on victims' screens demanding payment of $300 (Dh1,100) in the virtual currency Bitcoin, saying: "Ooops, your files have been encrypted!" It has issued a list of do's and dont's to these agencies and advised installation of relevant "patches" to protect against any data breaches.
He also warned hackers could upgrade the virus to remove the "kill switch" that helped to stop it.
"There will be some delays to our services as we recover from the effects of the cyber attack, and we ask for people's patience and understanding as we work to fully restore our systems". "We haven't fully dodged this bullet at all until we're patched against the vulnerability itself".
Microsoft distributed a patch two months ago that protected computers such an attack, but in many organizations it was likely lost among the blizzard of updates and patches that large corporations and governments strain to manage.
A hacking group called Shadow Brokers released the malware in April claiming to have discovered the flaw from the NSA, Kaspersky said.
As of Friday, HITRUST said it had not received any reports of an attack on a US hospital.
Bossert told ABC's "Good Morning America" that the attack is something that "for right now, we've got under control" in the United States.
Check Point is among the cybersecurity firms warning that victims should not pay the ransom demanded by WannaCry ransomware.
"If you have anything to patch, patch it", the researcher said in a blog post.