{"id":7039,"date":"2024-12-21T12:11:25","date_gmt":"2024-12-21T04:11:25","guid":{"rendered":"https:\/\/klhappenings.com\/?p=7039"},"modified":"2024-12-21T12:11:27","modified_gmt":"2024-12-21T04:11:27","slug":"samsung-project-infinity-the-team-keeping-you-safe-online","status":"publish","type":"post","link":"https:\/\/klhappenings.com\/?p=7039","title":{"rendered":"Samsung Project Infinity: The Team Keeping You Safe Online"},"content":{"rendered":"\n

Beginning with the Galaxy S24 series, Samsung has been offering up to seven years of <\/strong>mobile security updates<\/a>.[1]<\/a> As one of the longest periods of security support available for mobile devices, these updates mean customers can safely use their phones for longer.<\/p>\n\n\n\n

This peace of mind is important when navigating our hyperconnected age as cyber threats become more common than you think and are often undetectable until too late. The global cost of cybercrime is expected to surge in the next four years, rising from $9.22 trillion in 2024 to $13.82 trillion by 2028.[2]<\/a> Therefore, it is critical to use a device that benefits from an ecosystem of protective measures \u2014 such as security updates.<\/p>\n\n\n\n

But where do these updates come from, and why do they pop up on your phone so regularly? Deep at the heart of Samsung\u2019s Mobile eXperience Business lies Samsung Project Infinity, a classified operation. Samsung Newsroom met the specialist units within Samsung Project Infinity who safeguard Galaxy devices and users around the clock.<\/p>\n\n\n\n

Deep Diving for Unknown Dangers<\/strong><\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

The Cyber Threat Intelligence (CTI) taskforce is a reconnaissance unit within Samsung Project Infinity along with the Red (RED), Blue (BLUE) and Purple (PURPLE) Teams that go beyond lab conditions to identify real-world dangers. RED and BLUE perform proactive attack and defense functions, seeking out vulnerabilities and taking measures against them. PURPLE is a special operations unit that acts as both a sword and shield for specific critical areas. These teams are strategically deployed in various countries all over the world including Vietnam, Poland, Ukraine and Brazil.<\/p>\n\n\n\n

They work covertly. The only time you\u2019ll ever feel their presence is when you get an update containing a security patch.<\/strong><\/em><\/strong><\/p>\n\n\n\n

CTI is dedicated to identifying potential threats and stopping hackers from taking control of your device by staying on top of the latest risks. They work to prevent malicious actions, address threats involving the trade of stolen information and ensure your smartphone or tablet stays securely under your control.<\/p>\n\n\n\n

The taskforce protects Galaxy\u2019s internal infrastructure \u2014 safeguarding customer data and employee information such as access credentials \u2014 since any confidential information stolen by a hacker could be sold or abused for further attacks.<\/p>\n\n\n\n

To identify potential threats and deploy countermeasures, CTI regularly explores the Deep Web and the Dark Web \u2014 bustling markets for security exploits, spyware, malware, ransomware, illicit tools and confidential corporate and customer information.<\/p>\n\n\n\n

Justin Choi, Vice President and Head of the Security Team, Mobile eXperience Business at Samsung Electronics, leads CTI. With over 20 years of experience in the U.S. tech industry as a cybersecurity authority and ethical hacker, Choi has collaborated globally to fortify security for major financial and tech firms. His expertise in identifying and mitigating zero-day threats drives the development of advanced security measures that protect over a billion Galaxy users around the world.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

\u201cOccasionally, we engage in security research by simulating real-world transactions,\u201d said Choi. \u201cWe closely monitor forums and marketplaces for mentions of zero-day or N-day exploits targeting Galaxy devices, as well as any leaked intelligence that could potentially serve as an entry point for system infiltration.\u201d<\/p>\n\n\n\n

As an ethical or \u201cwhite hat\u201d hacker \u2014 whose deep understanding of hacking helps to identify and address vulnerabilities \u2014 Choi explained that any hint of suspicious behavior within the system is swiftly traced to its origin.<\/p>\n\n\n\n

For example, request for excessive privileges, unexpected behavior, and network traffic with unknown servers could point to a potential breach, at which point CTI traces Indicators of Compromise to identify the threat actors and the purpose of the attacks.<\/p>\n\n\n\n

\u201cOnce we spot these kinds of threats, we collaborate with developers and operators to lock everything down for preventing attacks,\u201d said Ranger, a CTI member. (Samsung Project Infinity staff protect their identities with aliases to avoid being personally targeted by hackers.) \u201cWe even communicate with other departments and partners on private channels to avoid taking any chances.\u201d<\/p>\n\n\n\n

CTI also studies threat actors to decipher their behavioral patterns. Understanding their motivations and objectives can help reveal their attack methods and provide insights for fortification.<\/p>\n\n\n\n

\u201cSometimes, an attack is financially or politically motivated,\u201d added Tower, another CTI member. \u201cSometimes, they just like to show off.\u201d<\/p>\n\n\n\n

Eliminating Threats Before They Become Real<\/strong><\/p>\n\n\n\n

While real-time threat detection is crucial, a robust offensive security policy is equally vital. RED and BLUE are inspired by military practices in which a red team simulates enemy attacks and a blue team creates defenses to ensure safety in the face of ever-changing threats. In Samsung\u2019s approach, RED simulates hacker attacks and designs new attack scenarios to identify potential vulnerabilities, whereas BLUE develops and implements patches to protect against them.<\/p>\n\n\n\n

Specialising in combating zero-day attacks, the teams address vulnerabilities before they can be exploited to prevent unauthorised access or data breaches. One notable data breach is the Pegasus incident in 2020 that left an operating system vulnerable.<\/p>\n\n\n\n

The RED taskforce initiates their project by investigating Galaxy devices. They continuously use and analyze new features in Galaxy and delve into recently disclosed vulnerabilities, while envisioning potential security threats against users. By conducting diverse research, once they select a target that presents any potential risks to actual Galaxy users, the RED taskforce begins their quest to detect 0-day vulnerabilities in the target.<\/p>\n\n\n\n

\u201cOne thing we do is fuzzing,\u201d said Arrowhead, a RED member. \u201cThat throws all kinds of unexpected data at software to uncover any hidden flaws.\u201d<\/p>\n\n\n\n

Other methods such as code auditing as well as static and dynamic analyses help develop a comprehensive understanding of a system\u2019s health and safety. The team contextualises each threat in everyday scenarios to prevent threats to Galaxy devices.<\/p>\n\n\n\n

\u201cIt\u2019s not so urgent if there\u2019s a flaw with the alarm clock, but a glitch in location data could lead to somebody being unknowingly followed through their device,\u201d added Gate, a BLUE member. \u201cOnce we discover a hypothetical weakness, we hurry to patch it and roll out an update to the relevant models.\u201d<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

The Specialists Among Specialists<\/strong><\/p>\n\n\n\n

PURPLE acts as both aggressor and protector to ensure the security of critical areas, the key features of Galaxy devices. As the name suggests, PURPLE combines elements of RED and BLUE\u2019s skillsets \u2014 however, an extra in-depth knowledge of the security measures built into the mobile devices sets this team apart.<\/p>\n\n\n\n

\u201cSamsung collaborates with external security researchers to uncover vulnerabilities, but our own intimate knowledge of Galaxy systems allows for more effective targeting of potential weak spots,\u201d said Sphinx, a PURPLE member.<\/p>\n\n\n\n

\u201cThe better you know a system, the better you can protect it,\u201d added Oracle, another PURPLE member.<\/p>\n\n\n\n

Occasionally, PURPLE is called upon to address issues nobody else can including formulating new security requirements, designs and features. Though, it isn\u2019t just about keeping Galaxy devices and the Samsung Knox security platform in good shape. Samsung also advises and proposes solutions to chipset and network vendors depending on their requirements.<\/p>\n\n\n\n

Samsung\u2019s position as a hardware leader means the company can not only scale its security innovations but also cover its secure supply chain. In this way, Galaxy is contributing to the security of next generation of chips.<\/p>\n\n\n\n

Perhaps surprisingly, the motivation behind this work sometimes has nothing to do with technology. PURPLE members perform with a sense of duty to keep people safe, and they feel a certain pride and satisfaction in finding and addressing vulnerabilities.<\/p>\n\n\n\n

\u201cIt\u2019s not just me but also my family and friends who use Galaxy,\u201d continued Oracle. \u201cSo, let\u2019s make it safe!\u201d<\/p>\n\n\n\n

The bar for entry is high, and technical skills alone are not enough. To join the team, one must also demonstrate strength of character since any vulnerabilities discovered by the team could be very profitable in the wrong hands.<\/p>\n\n\n\n

\u201cThey must be tenacious and moral,\u201d said Choi. \u201cOne must be responsible and put users before their personal interests.\u201d<\/p>\n\n\n\n

\u201cBeing an early adopter and a big reader of tech trends is also useful,\u201d added Sphinx.<\/p>\n\n\n\n

A System of Safeguards<\/strong><\/p>\n\n\n\n

CTI, RED, BLUE and PURPLE are critical components of Galaxy\u2019s security strategy \u2014 but Samsung Project Infinity juggles many initiatives including the Samsung Mobile Security Rewards Program<\/a> which works with the wider security community to further scrutinise Galaxy\u2019s defenses.<\/p>\n\n\n\n

This year, Samsung has boosted this program with a maximum reward amount of $1 million \u2014 its highest cash incentive<\/a> yet for those who are able to identify the most severe attack scenarios within Galaxy devices.<\/p>\n\n\n\n

\u201cIt\u2019s crucial to encourage participation from the security community in identifying potential vulnerabilities,\u201d said Choi. \u201cEspecially in a world where cyberattacks are increasingly intelligent and disruptive.\u201d<\/p>\n\n\n\n

All of this goes hand in hand with Samsung\u2019s longstanding model of collaboration<\/a> with hundreds of partners including carriers, service providers, chipset vendors and more. While regularly working with these partners as well as the wider community to identify threats and develop patches, Samsung Project Infinity ensures Samsung proactively takes initiative and responsibility for reinforcing its own areas of weakness.<\/p>\n\n\n\n

\u201cJust because we have internal specialists, this doesn\u2019t mean we don\u2019t work with others,\u201d added Choi. \u201cHaving more eyes gives us a better chance at spotting any vulnerabilities and helps us keep users safe.\u201d<\/p>\n\n\n\n

So, are you still ignoring that notification now that you know it is from a team deeply committed to your security? Each of those notifications represents Samsung\u2019s <\/strong>ongoing effort<\/em><\/a> in keeping your data safe.<\/strong><\/p>\n\n\n\n

The next time you see an update, don\u2019t hesitate. Hit \u201cinstall\u201d and continue your online journey with peace of mind, knowing that there\u2019s a whole team looking out for you.<\/p>\n\n\n\n

Visit Samsung Malaysia\u2019s newsroom for more updates and news: https:\/\/news.samsung.com\/my\/<\/a><\/p>\n\n\n\n

\n\n\n\n

[1]<\/a> Timing and availability of security maintenance releases for Samsung Galaxy devices may vary by market, network provider and\/or model.<\/em><\/p>\n\n\n\n

[2]<\/a> Statista Market Insight, \u201cCybercrime Expected To Skyrocket in Coming Years,\u201d <\/em>Chart: Cybercrime Expected To Skyrocket in Coming Years | Statista<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Beginning with the Galaxy S24 series, Samsung has been offering up to seven years of mobile security updates.[1] As one of the longest periods of security support available for mobile devices, these updates mean customers can safely use their phones for longer. This peace of mind is important when navigating our hyperconnected age as cyber threats become more common than […]<\/p>\n","protected":false},"author":1,"featured_media":7040,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1005,1612,1483],"tags":[1613,1614],"class_list":["post-7039","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-mobile-phone","category-mobile-security","category-new-feature","tag-samsung-project-infinity","tag-the-team-keeping-you-safe-online"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/klhappenings.com\/wp-content\/uploads\/2024\/12\/Samsung_ProjectInfinity_S24Dwelling_final_241118_KV.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/klhappenings.com\/index.php?rest_route=\/wp\/v2\/posts\/7039","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/klhappenings.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/klhappenings.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/klhappenings.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/klhappenings.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7039"}],"version-history":[{"count":1,"href":"https:\/\/klhappenings.com\/index.php?rest_route=\/wp\/v2\/posts\/7039\/revisions"}],"predecessor-version":[{"id":7043,"href":"https:\/\/klhappenings.com\/index.php?rest_route=\/wp\/v2\/posts\/7039\/revisions\/7043"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/klhappenings.com\/index.php?rest_route=\/wp\/v2\/media\/7040"}],"wp:attachment":[{"href":"https:\/\/klhappenings.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7039"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/klhappenings.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7039"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/klhappenings.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7039"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}