IT experts are "working round the clock" to restore NHS computer systems hit by Friday's ransomware attack.
Ciaran Martin, head of the UK's cyber security agency, said it was doing "everything in our power" to get "vital services" back up and running.
The BBC understands about 40 NHS organisations and some GP practices were hit in England and Scotland, with operations and appointments cancelled.
Theresa May said the NHS had been caught up in an international attack.
Similar computer infections have been reported in a range of organisations in about 100 countries.
Some British hospitals and GPs were unable to access patient data after their computers were locked by the malicious program.
The NHS has not been affected in Wales and Northern Ireland.
NHS Digital said there was no evidence patient data had been compromised,
NHS England said patients needing emergency treatment should go to A&E or access emergency services as they normally would.
However, some ambulances have been diverted from affected hospitals and individual trusts have asked people not to attend unless it is urgent.
- Who has been hit by the NHS cyber attack?
- Explaining the global malware outbreak
- Ransomware infects computers worldwide
Mr Martin, who leads the National Cyber Security Centre - part of GCHQ - said "thousands of organisations and individuals in dozens of countries" had been hit by the attack.
Those responsible have not been indentified yet.
He told the BBC: "It's important to understand that cyber attacks can be different from other forms of crime in that their sometimes highly technical and anonymous nature means it can take some time to understand how it worked, who was behind it and what the impact is.
"But our commitment is we will be as open as we can be, as soon as we can be, as our investigation continues."
The malware used in the attack is called WannaCry and attacks Windows operating systems.
It encrypts files on a user's computer, blocking them from view, before demanding money, via an on-screen message, to access them again.
The demand is for a payment of $300 (£230) in virtual currency Bitcoin to unlock the files.
The virus is usually covertly installed on to computers by hiding within emails containing links, which users are tricked into opening.
Security chiefs and ministers have repeatedly highlighted the threat to Britain's critical infrastructure and economy from cyber-attacks.
'Hit the go button'
The former director for intelligence and cyber operations at GCHQ, Brian Lord, told BBC's Newsnight that the NHS was particularly vulnerable to such attacks because of its ageing IT systems.
"Also [it has] very, very complex interconnectivity between surgeries, trusts, boards and so on," he said.
"So, as a consequence, there is an awful lot of openings for delivery of this type of basic malware."
Convicted hacker Jake Davis also told the programme: "The most terrifying thing about this is how simple it is.
"It might have been a sophisticated criminal organisation or it might have just been some kid who hit the go button and a worm has just spread when they went to take a nap."
He said that two months ago Microsoft had issued a patch for the bug exploited by the virus, but some systems had not applied it.
In Russia, the Interior Ministry said about 1,000 computers had been hit.
People tweeted photos of affected computers from other countries, including at a local railway ticket machine in Germany and in a university computer lab in Italy.
A number of Spanish firms - including telecoms giant Telefonica, power firm Iberdrola and utility provider Gas Natural - suffered from the outbreak.
Portugal Telecom, delivery company FedEx, a Swedish local authority and Megafon, the second largest mobile phone network in Russia, also said they had been affected.
Get news from the BBC in your inbox, each weekday morning
Please include a contact number if you are willing to speak to a BBC journalist. You can also contact us in the following ways:
- Send pictures/video to
- Upload your pictures / video here
- Tweet: @BBC_HaveYourSay
- Text an SMS or MMS to (UK) or (international)