- Project Infinity and Mobile Security Rewards Program reinforce Samsung's security strategy
- Red, blue and purple teams protect Galaxy devices from cyber threats
- CTI task force scours the Dark Web to prevent device leaks
Samsung has always prioritized the security of its Galaxy smartphones and, with the launch of the Galaxy S24 series, promised an unprecedented seven years of mobile security updates.
Behind this expanded protection lies a secretive and highly specialized security initiative known as Project Infinity. Samsung has lifted the veil and provided some details about the project.
Project Infinity comprises multiple working groups ensuring that billions of Galaxy smartphone users around the world are protected from the growing threat of cybercrime.
The invisible guardians of Galaxy devices
At the center of Project Infinity are three distinct teams, Red, Blue, and Purple, along with a Cyber Threat Intelligence (CTI) working group. These groups operate globally in countries such as Vietnam, Poland and Brazil, working behind the scenes to prevent and mitigate cyberattacks.
Each team has a specific role, from proactive threat detection to creating and implementing defensive measures. Their work is largely invisible to the public and only comes to light when users receive a security patch on their devices.
The CTI working group specializes in identifying potential cyber threats, ensuring that hackers cannot exploit vulnerabilities in Galaxy devices. The team scours the Deep Web and Dark Web for signs of illicit activity, from malware to stolen data.
By analyzing system behaviors, such as unusual data requests or suspicious network traffic, the team can identify and neutralize threats, while collaborating with other departments to implement security updates.
“Occasionally, we engage in security investigations by simulating real-world transactions,” said Justin Choi, vice president and head of security team, Mobile eXperience Business at Samsung Electronics.
“We closely monitor forums and marketplaces for mentions of zero-day or N-day exploits targeting Galaxy devices, as well as any leaked intelligence that may serve as an entry point for system infiltration.”
Samsung's security operation is modeled after military-style tactics, with the Red and Blue teams simulating attacks and defenses, respectively.
Through techniques like “fuzzing,” which involves feeding random data into software, the Red team can find hidden vulnerabilities that would otherwise go undetected. Meanwhile, the Blue team works tirelessly to develop and deploy patches to protect against these vulnerabilities.
The Purple team combines the expertise of the Red and Blue teams, focusing on critical areas of Galaxy's security infrastructure. They also work with third-party security researchers to ensure that no potential weaknesses go undetected.