Every month, Samsung rolls out dozens of security fixes to millions of Galaxy phones worldwide. These monthly updates protect users against newly discovered vulnerabilities that could undermine their privacy and security. However, a lot of work goes into fulfilling this commitment to user safety. Recently, Samsung unveiled Project Infinity, a classified operation where security experts go beyond lab conditions to proactively identify and address potential threats.
Samsung Project Infinity ensures maximum security for Galaxy users
Project Infinity is a vast security maintenance operation within Samsung’s Mobile eXperience (MX) division, which includes the smartphone business. It consists of four major reconnaissance units: the Cyber Threat Intelligence (CTI) taskforce and the Red (RED), Blue (BLUE), and Purple (PURPLE) teams, each handling a different aspect of the security efforts, safeguarding Galaxy devices and users worldwide around the clock.
According to Samsung, the RED and BLUE teams “perform proactive attack and defense functions, seeking out vulnerabilities and taking measures against them,” while PURPLE is “a special operations unit that acts as both a sword and shield for specific critical areas.” The company has strategically deployed these teams in several countries globally, including Vietnam, Poland, Ukraine, and Brazil. “They work covertly,” Samsung explains. “The only time you’ll ever feel their presence is when you get an update containing a security patch.”
The CTI group, meanwhile, identifies potential threats and prevents malicious actions. Security experts in this group are always on top of the latest threats, stopping hackers from taking control of your device. They also prevent misuse of stolen information to ensure your data and Galaxy phone is under your control. CTI “regularly explores the Deep Web and the Dark Web” to identify potential threats and roll out protective measures against those threats.
“The taskforce protects Galaxy’s internal infrastructure — safeguarding customer data and employee information such as access credentials — since any confidential information stolen by a hacker could be sold or abused for further attacks,” Samsung says. The team is led by Justin Choi, Vice President and Head of the Security Team at the MX division. Choi is a veteran in this field with an experience of over 20 years as a cybersecurity expert and ethical hacker in the US tech industry.
Military-inspired security practices to keep Galaxy users safe
The RED and BLUE teams in Samsung’s Project Infinity employ military-inspired security practices to identify potential threats even before they become real. RED simulates enemy attacks — designs new attack scenarios that could compromise user security; BLUE creates defenses — develops and implements patches against those attacks. This helps Samsung eliminate vulnerabilities before threat actors can exploit them to their benefit. PURPLE works on top of these two teams to ensure the security of critical areas.
As Samsung explains, PURPLE combines elements of RED and BLUE’s skillsets and acts as both aggressor and protector. This team boasts “an extra in-depth knowledge of the security measures built into the mobile devices”. It protects the key features of Galaxy devices. If warranted, it formulates new security requirements, designs, and features to address issues no one can.
While Project Infinity has a robust offensive security approach, Samsung operates a wider security community to maximize protection. Its Mobile Security Rewards Program incentivizes independent security researchers to find vulnerabilities in Galaxy devices. The Korean firm offers rewards of up to $1 million. “Just because we have internal specialists, this doesn’t mean we don’t work with others,” said Choi. “Having more eyes gives us a better chance at spotting any vulnerabilities and helps us keep users safe.”
You should install security updates as quickly as possible
Alongside protecting Galaxy users, Samsung helps chipset and network vendors in their security efforts. All of this is to ensure that end users are protected against the latest vulnerabilities. However, if you do not install security updates on your phone on time, you are still at risk. You should install the latest patches as quickly as possible. Each of those security updates represents Samsung’s ongoing effort to keep your data safe.
“The next time you see an update, don’t hesitate,” Samsung tells Galaxy users. “Hit ‘install’ and continue your online journey with peace of mind, knowing that there’s a whole team looking out for you.” If you don’t get notifications for updates, go check manually from the Settings app. Open the app and navigate to Software update > Download and install to check. If an update is available, you will be prompted to download it. If you don’t see anything, check back again a few days later.
