(Recasts throughout, adds comment and updates prices)
LONDON, May 15 (Reuters) - A global "ransomware" attack disrupting factories, hospitals, shops and schools spurred European investors on Monday to buy up stocks expected to benefit from a pick-up in cybersecurity spending.
The cyber attack began spreading across the globe on Friday and by Monday had locked up computers in more than 150 countries, with experts warning of an even wider impact as more employees logged on and checked e-mails.
"These attacks help focus the minds of chief technology officers across corporations to make sure security protocols are up to date, and you often see bookings growth at cybersecurity companies as a result," said Neil Campling, head of technology research at Northern Trust.
In London, shares in cloud network security firm Sophos jumped more than 7 percent to a record high and security firm NCC Group rose 2.9 percent.
Campling said Sophos was particularly likely to benefit as its customer base was dominated by small and medium-sized companies, whose IT systems were often less well protected than larger firms and hence more likely to fall victim to ransomware attacks.
Europe's police agency Europol said on Monday the attack had hit 200,000 computers in at least 150 countries.
In Helsinki, Finnish digital security firm F-Secure jumped as much as 5.1 percent to a 16-year high.
With most publicly traded software and network security companies listed in the U.S., a London-listed cybersecurity exchange-traded fund (ETF) whose holdings include software provider Cisco Systems and cybersecurity firm Fireeye was also in demand.
The ETF was up 0.7 percent in mid-morning trading.
Cybersecurity breaches have wiped billions off affected companies' share prices since 2013, a report by IT consultant CGI found.
The European cyber security market of products and services protecting organizations from such breaches was worth $22 billion in 2016 and is expected to grow at 8 percent annually, consultancy PricewaterhouseCoopers said in a report earlier this year, citing Gartner data.
"Unfortunately the world is still very reactive to these attacks, looking for patches and fixes as opposed to preventive measures," said Campling. "These attacks do highlight that prevention is better."
(Additional reporting by Danilo Masoni, Editing by Vikram Subhedar and John Stonestreet)