* FireEye, Symantec, Palo Alto Networks rally in U.S. trading
* Morgan Stanley upgrades Cisco Systems, lifting Dow
* Sophos, NCC Group, F-Secure up in Europe; security ETF surges
* Firms to hike investment in cyber protection
* Attack has infected 300,000 machines in 150 countries (Adds cybersecurity ETF, updates prices)
LONDON, May 15 (Reuters) - A global "ransomware" attack disrupting factories, hospitals, shops and schools spurred investors on Monday to buy stocks expected to benefit from a pickup in cyber security spending by companies and government agencies.
The cyber attack began spreading across the globe on Friday and by Monday had infected 300,000 computers in more than 150 countries.
"These attacks help focus the minds of chief technology officers across corporations to make sure security protocols are up to date, and you often see bookings growth at cyber security companies as a result," said Neil Campling, head of technology research at Northern Trust.
Investors treated the attack as a buying opportunity for security stocks rather than a cause for concern over the risk it posed to companies, with the pan-European STOXX 600 index closing higher and major U.S. indices also up.
In London, shares in cloud network security firm Sophos jumped more than 7 percent to a record high and security firm NCC Group rose 2.7 percent.
U.S.-listed shares in cyber security firms FireEye rose 8 percent, and peers Symantec and Palo Alto Networks were up around 3 percent.
The cyber security ETF rose 3.3 percent.
The attack would "refocus IT attention on updating security infrastructure and procedures" and benefit providers in email, network, and endpoint security, analysts at Wedbush wrote in a research report, highlighting Proofpoint and Splunk as stocks to watch. Proofpoint shares jumped 7.5 percent.
Analysts at Bernstein said desktop virtualization vendors Citrix Systems and VMware could indirectly benefit from the upgrade cycle, while defense companies Raytheon and BAE Systems should similarly get a boost in their commercial cyber security businesses.
Government spending on computer security should also help General Dynamics, Lockheed Martin and Northrop Grumman, Bernstein said.
Companies' spending on cyber security protection is set to increase 10 percent in Britain and Europe by 2020, according to Brian Lord, a managing director of cyber and technology at cyber security firm PGI, as outdated IT systems get a refresh.
"In many companies, there's been an increase in investment in IT but not in the security that sits around it, so this investment is likely to play a bit of catch-up," said Lord, who spent 21 years at UK government intelligence service GCHQ.
The risks of security breaches, particularly when they result in the leak of sensitive customer data, has in the past had a direct impact on share prices as investor confidence is shaken.
"Reducing the cost of security breaches by only 10 percent can save global enterprises $17 billion annually," Morgan Stanley said in a report published on Monday.
The U.S. broker upgraded networking equipment giant Cisco Systems to "overweight." Cisco shares, part of the Dow Jones Industrial Average were up 2.3 percent.
With few pure-play, publicly traded software and network security companies in Europe, a London-listed cyber security exchange-traded fund (ETF), whose holdings include Cisco and FireEye, was in demand, ending up 3.4 percent.
In Helsinki, Finnish digital security firm F-Secure jumped as much as 5.1 percent to a 16-year high.
(Additional reporting by Danilo Masoni and Megan Davies; Editing by Bill Rigby and Nick Zieminski)