But he also said the incident was a "wake-up call" for governments.
It threatens to delete files within seven days if no payment is made.
Among the organisations targeted worldwide have been Germany's rail network Deutsche Bahn, Spanish telecommunications operator Telefonica, US logistics giant FedEx and Russia's interior ministry.
Senior spokesman for Europol, Jan Op Gen Oorth, told Agence France-Presse: "The number of victims appears not to have gone up and so far the situation seems stable in Europe, which is a success".
Universities and other educational institutions in China were among the hardest hit, possibly because schools tend to have old computers and be slow to update operating systems and security, said Fang Xingdong, founder of ChinaLabs, an internet strategy think tank.
Mr Hunt said the message was "very clear", for individuals and organisations.
"We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits", Smith said.
South Korea: Only nine ransomware cases.
China: Hundreds of thousands of computers suffered initially, China's Qihoo tech firm said.
Banking systems across the region were largely unaffected.
The attack was only stopped by a 22-year-old cyber whizz, who wished to stay anonymous, and who accidentally registered a domain name which shut down the attacks.
This won't take long.
It was too early to say who was behind the onslaught, which struck 100,000 organizations, and what their motivation was, aside from the obvious demand for money.
Associated Press quoted Tim Wellsmore, of U.S. security firm FireEye, as saying: "We expect this is a small operation".
"One of the rules in Russia is that Russian criminals are not allowed to hack Russian targets", Lewis said.
Companies have warned users and staff not to click on attachments or links.
The attack therefore spread faster than previous, smaller-scale ransomware attacks.
MalwareTech, whose name was revealed in United Kingdom media to be 22-year-old Marcus Hutchins, was hailed as an "accidental hero" after registering a domain name to track the spread of the virus, which actually ended up halting it.
When the National Security Agency lost control of the software behind the WannaCry cyberattack, it was like "the USA military having some of its Tomahawk missiles stolen", Microsoft President Brad Smith says, in a message about the malicious software that has created havoc on computer networks in more than 150 countries since Friday.
It is highly critical of the way governments store data on software vulnerabilities.
Smith wrote in a blog post Sunday that the attack is an excellent object lesson in why governments stockpiling such vulnerabilities is such a problem.
"An equivalent scenario with conventional weapons would be the United States military having some of its Tomahawk missiles stolen", Smith wrote. "People may have updated their security systems over the last hours", Europol said.
Microsoft distributed a patch two months ago that protected computers such an attack, but in many organizations it was likely lost among the blizzard of updates and patches that large corporations and governments strain to manage.
Weber said the NSA's primary mission is intelligence: "If I were sitting at the NSA I would push that argument right back to Microsoft", he argued.
The NSA keeps a chest of cyber-weapons to itself so it can hit targets, but Microsoft has long argued that this is unsafe.
"For Silicon Valley and technology companies, their future depends on these underlying systems working", he said. Though there were no reports of financial institutions in India being hit by WannaCry Ransomware, the authorities concerned are leaving anything to chance. Tough - time-consuming, expensive and complex. "They would say, 'It's our job to stockpile those weapons and use them against our adversaries'".