The full scale of the international cyber attack that continues to disrupt the NHS may only become apparent when people return to work on Monday, experts have warned.
More than 200,000 victims in around 150 countries have been infected by the ransomware which originated in the UK and Spain on Friday before spreading globally.
Around a fifth of NHS trusts were hit in the attack, forcing them to postpone operations and procedures over the weekend.
Seven hospitals remained on A&E divert on Sunday afternoon, with ambulances taking emergency patients elsewhere.
Speaking to ITV News, the Director of Europol, Rob Wainwright said: "We've seen the extent to which the ransomware, which had its infection rates slowed down over the weekend, now mutated by the cyber crime groups behind it.
"So a new strain of it is running, which means that I think if companies haven't patched the problem by the time their people come to work on Monday morning I think we could see the rates of infection going up again quite markedly."
It is not known how the attack has affected GP surgeries, which are due to open as usual on Monday.
An NHS England spokesman described it is a "very complex emerging picture".
People are advised to attend any hospital or doctor appointments as normal, unless they are contacted and told not to.
Dr Anne Rainsberry, NHS incident director, said: "We have been working with 47 organisations providing urgent and emergency care who have been infected to varying degrees.
"Most have found ways of working around this but seven, including St Barts in London, have asked for extra support."
It comes amid concerns networks were left vulnerable because they were still using outdated Windows XP software.
Medical staff reported seeing computers go down "one by one" as the Wanna Decryptor ransomware, also known as WannaCry, took hold, locking machines and demanding money to release the data.
The apparent chink in the NHS's defences led to criticism of the Government, with the Liberal Democrats demanding an inquiry. Labour's shadow health secretary, Jonathan Ashworth, in a letter to Health Secretary Jeremy Hunt, said concerns were repeatedly flagged about outdated computer systems.
However Home Secretary Amber Rudd said it was important to remember that it was not just the NHS which had been affected.
"If you look at who's been impacted by this virus, it's a huge variety across different industries and across international governments," she said.
"This is a virus that attacked Windows platforms. The fact is the NHS has fallen victim to this."
Investigators from around the globe, including the National Crime Agency, are working to hunt down those responsible for the virus.
A British cyber whiz was hailed an "accidental hero" after he registered a domain name that unexpectedly stopped the spread of the virus.
The anonymous specialist, known only as MalwareTech, issued a warning that hackers could upgrade the virus to remove the kill switch.