“Ransomware attacks happen every day — but what makes this different is the size and boldness of the attack,” said Robert Pritchard, a cybersecurity expert at the Royal United Services Institute, a research organization in London. “Despite people’s best efforts, this vulnerability still exists, and people will look to exploit it.”

While most cyberattacks are inherently global, this one, experts say, is more virulent than most. Security firms said it had spread to all corners of the globe, with Russia hit the worst, followed by Ukraine, India and Taiwan, said Kaspersky Lab, a Russian cybersecurity firm.

The attack is believed to be the first in which such a cyberweapon developed by the N.S.A. has been used by cybercriminals against computer users around the globe.

While American companies like FedEx said they had also been hit, experts said that computer users in the United States had so far been less affected than others because a British cybersecurity researcher inadvertently stopped the ransomware from spreading.

The hackers, who have yet to be identified, included a way of disabling the malware in case they wanted to shut down the attack. They included code in the ransomware that would stop it from spreading if the virus sent an online request to a website created by the attackers.

The 22-year-old British researcher, whose Twitter handle is @MalwareTechBlog and who confirmed his involvement but insisted on anonymity because he did not want the public scrutiny, found the kill switch’s domain name — a long and complicated set of letters. Realizing that the name was not yet registered, he bought it himself. When the site went live, the attack stopped spreading, much to the researcher’s surprise.