Microsoft has hit out at governments for "stockpiling vulnerabilities", blaming them for the "widespread damage" caused by the latest cyberattack.
The software giant compared the severity of the attack with "the US military having some of its Tomahawk missiles stolen".
The malicious software – known as WannaCrypt or WannaCry – is widely believed to have been developed as a hacking tool by the US National Security Agency.
The cyberattack, which began in London on Friday morning, has so far affected 150 countries and locked 200,000 computers.
So far only £25,000 been paid to the attackers in the requested anonymous bitcoin currency.
However, it is believed the amount will increase as victims rush to pay ransoms of £230 ($300) or more ahead of deadlines to restore access.
The full cost of the attack and associated computer outages is not yet known, but is currently being estimated in the range of hundreds of millions of dollars.
In a blog post, released by Microsoft on Sunday, they called the attack a "wake-up call" and identified "nation-state action and organised criminal action" as "the two most serious forms of cybersecurity threats in the world today".
The company said it had released a security update back in March to protect Windows system computers against such attacks, but said many computers "remained unpatched globally".
Brad Smith, Microsoft's president and chief legal officer, wrote: "This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem.
"This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.
"Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.
"An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen.
"And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organised criminal action.
"The governments of the world should treat this attack as a wake-up call.
"They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world."
Microsoft released a further patch on Friday in an attempt to stop the massive ransomeware worm from spreading across networks.
Hospitals, oil companies, banks and other organisations have been affected around the world, with many fearing a repeat of the cyberattack chaos on Monday as people return to work.
Emergency meetings have been held in the US to assess the threat posed by the global attack.
There are also concerns that Asia is yet to feel the full force of the ransomeware, with the extent of the damage to become apparent as Monday progresses.
Countries so far hit by the attack include the UK, US, Spain, Ukraine, France, Russia, Australia, Indonesia, Singapore, India, Sweden and Norway.