Companies should be particularly sensitive to viruses and Trojans and identify potential economic damage.

Inform system administrator

If you find a virus or Trojan on your company computer, you should immediately inform your system administrator and disconnect the device from the network. If you do not report the incident internally, your company is at risk of further damage, which you are usually unable to assess. Viruses and Trojans can spread from your device to other devices and, for example, forward company data to third parties.

Report damage

If you suspect that you have suffered economic damage, you should contact the Central Contact Point for Cybercrime at the NRW State Criminal Police Office. 

The NRW Landeskriminalamt’s Single Point of Contact for Cybercrime is available around the clock: 

Single Point of Contact
Telephone: +49 211 939-4040

Secure evidence

Do not make any independent attempts to remove the malicious software at first. Only in this way is it possible for the police to secure evidence and initiate investigations. The police experts will give you further recommendations for action. In general, you should additionally involve external experts in the event of a virus or Trojan attack in your company.

Discovering the cause

After a virus or Trojan detection in your company, be sure to analyze the cause and identify possible vulnerabilities in your system. 

Change all important passwords, e.g. to SAP systems, to data backup or to possible control systems. 

Internally, check your processes and security settings, eliminate possible vulnerabilities. 

Don’t neglect IT security training and awareness for your employees. 

Cyber criminals often look for the weakest link in companies, which mean this topic affects each and every member of staff.