The following information was obtained from the different cyber security sources for notification to all parties concerned pursuant to the mandate of the Philippine National Police Anti-Cybercrime Group (PNP ACG).

The information provided was classified as Restricted pursuant to the PNP Regulation 200-012 on Document Security and Impact Rating as high based on PNP Information Communication Technology (ICT) Security Manual s.2010-01 p. 22 and p.129.


Cryptovirus is a computer virus that contains and uses a public key.  It may come as an email attachment or a link sent via an instant messenger chat window.  Cryprtovirus may utilize secret sharing to hide information and may communicate by reading posts from public bulletin boards.  Cryptotrojans and cryptoworms are similar with cryptoviruses except that they are Trojan horses and worms, respectively.

The typical cryptoviral attack is done in a few steps.  The cryptovirus attaches itself to some data which it will encrypt by using a symmetric key.  The symmetric key and the data will then be encrypted using the creator’s public key.  The creator will then put the data up for ransom which the victim may choose to pay the ransom or lose the data.

Viruses have used cryptography in the past only for the purpose of avoiding detecting by anti-virus software.


PNP personnel and the public are advised to follow the best practices to counter cryptoviruses attack:

  • Always ensure the performance of regular backups for critical information to limit the impact of data or system loss. Keep the data on a separate device and store offline.
  • Keep anti-virus and anti-spyware updated.
  • Always keep the operating system and software updated with the latest patches.
  • Encrypt important data.
  • Do not follow unsolicited weblinks in emails.
  • Be cautious when opening email attachments.

For additional information, please refer to the following websites:


 Please contact PCINSP ANGELICA STARLIGHT L. RIVERA, Chief, Personnel Records Management Section thru email address This email address is being protected from spambots. You need JavaScript enabled to view it. or contact us on telephone number (632) 7230401 local 3562 for any inquiries related to this CYBER SECURITY BULLETIN.