Samsung reveals spy-thriller-style operations behind your phone’s security patches

Edgar Cervantes / Android Authority

Samsung’s new blog post reads like the plot of a Hollywood spy thriller. It details the operations of covert teams within the company that work to ensure your Galaxy devices are well protected against all kinds of threats. Samsung uses terminology like “classified,” “covert,” and “inspired by military practices” to describe its “specialist” RED, BLUE, and PURPLE teams that come under a program called “Project Infinity.” These teams are tasked with safeguarding your Samsung devices and are directly responsible for the security updates you wait for every month.

The RED team simulates attacks on Samsung’s hardware by investigating disclosed vulnerabilities and detecting new ones through methods like fuzzing and code auditing. The BLUE team then works on thwarting and patching these vulnerabilities, and are essentially the people who roll out security updates to Galaxy devices. Meanwhile, the PURPLE team is both an aggressor and protector, with specialized knowledge of Galaxy phones.

“We closely monitor forums and marketplaces for mentions of zero-day or N-day exploits targeting Galaxy devices, as well as any leaked intelligence that could potentially serve as an entry point for system infiltration,” said Justin Choi, VP and Head of Samsung’s mobile security team.

Once a threat is uncovered, the company’s specialized teams work with developers and operators to lock everything down to prevent attacks.

“Sometimes, an attack is financially or politically motivated. Sometimes, they just like to show off,” said a member of Samsung’s Cyber Threat Intelligence (CTI) taskforce, which engulfs the RED, BLUE, and PURPLE teams.

Samsung’s blog post doesn’t name any of these team members to protect their identities due to the nature of their work. They are based in several locations around the world, including Vietnam, Poland, Ukraine, and Brazil. Very covert stuff, indeed, Samsung.