[19.1.2023] Extended testing of terminal equipment

Since the cyberattack on the UDE, the end devices of employees in the centrally administered areas have been checked by ZIM for malware related to the attack. At the same time, the IKM officers were informed about how these checks can be carried out in the decentralised areas.

Since not all antivirus programmes respond (or have responded) to both files, a second virus scan may now be necessary on some endpoints.

In the centrally administered areas, the ZIM addresses the corresponding users directly, as the scan requires administration rights.

Decentrally, each end device should be scanned with the latest version of Sophos or Windows Defender for a reliable assessment.  (Choose a scan of all files – including system files. This also requires administration rights). In an emergency, contact the support responsible or available in your area.

Instructions for installing Sophos can be found at:


(call from the internal UDE network).

If the virus scan finds threats

Do not delete any malware found, as all detected files have forensic value. Select the option in your antivirus software to „quarantine“ any threats found. (Usually this happens automatically or is suggested to you for selection).

Notify the ZIM or decentralised responsible persons.