Security has become one of the number one things that keeps CIOs up at night. I don’t blame them for stressing over it—when you are fighting against nation-state budgets and other adversaries with near limitless damage potential, security is a big deal. At our firm, we cover IoT end point security, the cloud datacenter and everything in between. Edge devices that are as powerful as computers create immense amounts of data outside the corporate firewall and add risk to the security framework. Therefore, enterprises need to align themselves with endpoint vendors who have demonstrated the scale, know-how and commitment to security necessary to handle the current threat landscape. One of those in my opinion is Samsung Electronics, whose Galaxy Unpacked 2021 event I recently virtually attended.
In addition to the new S21 smartphone line for consumers, Samsung also announced a version of the S21 for businesses. Perhaps the most intriguing feature of these new phones is the new Knox Vault. After the event, I had the chance to chat with Security SVP and Head of the Mobile Security Team at Samsung Mobile, Daniel Ahn, to get caught up on Samsung’s security approach and a double-click into Vault. I wanted to discuss my takeaways on the news here.
Samsung’s mobile security platform, Knox, was originally unveiled way back at Mobile World Congress 2013—almost a decade ago. To put that even further into context, the Galaxy S3 was Samsung’s flagship smartphone at the time. Even then, Samsung realized the importance of securing these increasingly powerful, complex, ubiquitous devices against dangerous emergent cyberthreats. Security, up until then, was inherited from Unix and mainframes, but smartphones represented a much more personal, vulnerable device for hackers to exploit. Before Knox, Android was considered insecure by IT and CISOs so in a way, Samsung helped make Android what it is today.
Back then (as it still does today), Samsung’s mobile security approach centered around the question of how to remain a step ahead of hackers and always keep its users safe. The answer to that question begins at the chipset level. Samsung’s first hardware-based security efforts came in the form of a Knox feature it leveraged called TrustZone, located within the Arm processors powering the Galaxy line. TrustZone employed the new concept of Trusted Execution Environments (or TEEs), which essentially isolate the software that handles the most sensitive data by running a separate OS along with Android. Other early hardware-based security measures included real-time kernel protection.
While the original 2013 iteration of Knox introduced the building blocks of Samsung’s modern hardware-based security approach still in use today, Knox has since evolved into a full suite of mobile security and management tools for the enterprise. Let’s take a look at Samsung’s strategy in the present day.
Samsung’s mobile security approach
To understand Samsung’s security strategy, it might be best to run through the three main cyberattack vectors. First, you have physical attacks—breaches that occur when a hacker has actual physical access to a device. On a very basic level, the theft of a device could be considered in this category. Also included are jailbreak attacks. Or perhaps, the perpetrator installs a rootkit on the device or utilizes a forensic tool to do a physical data dump. Next up in our big three is logical on-device threats, which could give hackers full access to the OS, data and network, and allow them to control everything remotely. Hackers could also escalate device privileges, or install malicious software and configurations. Lastly, we have logical through network attacks, such as malicious websites, phishing emails, protocol level attacks and intercepting data sent from a device via Wi-Fi or a mobile network.
As it was in Knox’s early days, Samsung’s strategy to combat these threats begins at the hardware/chipset level. This is crucial, because hackers have a variety of hardware attacks at their disposal, including physical attacks, fault attacks and side channel attacks—all of which only occur when a hacker gains physical access to the device. Samsung designs its devices around a secure hardware Root of Trust within the chipset, which protects critical, personal data—passwords, PINs, blockchain keys, etc. There are numerous components to this Root of Trust, including a secure boot key, rollback prevention fuses, device root key and lastly the Knox Warranty Bit—a cybersecurity tool which monitors devices for any unofficial, potentially malicious software .
The second level of security features is the further building and maintenance of trust. To this end, Samsung employs boot time inspection, which ensures the integrity of booting components. Run time protections include blocking code changes to kernel, ensuring kernel and critical data integrity in system partition and mitigation of exploits.
Last, in this series, is proving trust. This simply means that the fuse will blow if the device is unable to verify its integrity or if any hacking or rooting is found. Similarly, if a device is determined to be compromised, it will not restore the encryption key—even if the user password is the right one. To sum all of these components up, Samsung’s Mobile Security approach the combination of a hardware-protected Root of Trust and overlapping, hardened versions of the software layers that comprise the OS.
Samsung’s Mobile Security doesn’t end there—additional practices are employed both before and after general release. Devices are subject to security and privacy assessments as well as vulnerability analyses before they hit the shelves. After release, Samsung’s devices benefit from ongoing, continuous security monitoring, 24/7, based on Samsung Threat Intelligence’s machine learning-based advanced detection and threat modeling. Another neat post-release component is Samsung’s Bug Bounty Program, which crowdsources security vulnerability detection to the security research community. In 2020 alone, the program caught 1,434 vulnerabilities.
Security strategy that does its best to stay current
This brings us to how Samsung keeps its devices up-to-date. Samsung also announced at the Unpacked event that all Galaxy devices launched since 2019 will receive regular security updates for at least four years after their initial release. Products covered by this include the Galaxy Z, S, Note, A, XCover and Tab series. These regular updates are the result of Samsung’s collaborative efforts with its OS and chipset partners, as well as over 200 carriers, to streamline and make these updates more timely. Samsung also touted its collaborative approach to establishing Android security standards, working in conjunction with more than 1,000 partners in the security research realm.
The threat landscape is constantly evolving and becoming more complex. Frequent security updates are necessary so that devices can protect their users and more quickly respond to the latest vulnerabilities and cyberthreats. All of this serves the important purpose of giving customers trust in the Android Platform and Samsung devices, which, when we’re talking about the enterprise, is of paramount importance. Additionally, it enables consumers to hold onto their devices even longer before having to replace.
Now, let’s look at Knox Vault—the new version of Knox that grabbed my attention at the event. If you recall from earlier, Samsung’s utilization of TrustZone and TEEs (Trusted Executive Environments) marked an evolution from the earliest days of mobile security. But Samsung wasn’t happy to rest on its laurels—instead, it began hunting for a way to make its platform even more secure. While TrustZone was a marked improvement in hardware security, it was not 100% independent from the Android OS. The two operating systems still shared the same main CPU and memory, which, according to Samsung, made low-level software protections responsible for keeping that confidential information isolated from the rest of the device. Knox Vault is Samsung’s attempt to fill these gaps in protection.
Knox Vault employs both hardware and software capabilities, combining security-specific hardware (such as its new secure processor and its isolated secure memory) with new integrated security software. If TrustZone is like a bank safe for your sensitive information, says Samsung, then Knox Vault is basically equivalent to Fort Knox. Altogether, Knox Vault represents a critical paring down of the components that need to be “trusted” in a device—less components means less attack surfaces.
New security processor
The Samsung Galaxy S21’s main line of defense against physical attacks is its new secure processor—a chip that provides an isolated haven for confidential data protected with a physical shield. The processor leverages security algorithms to guard against side channel attacks and can even detect temperature changes or invalid voltage to identify fault attacks. It protects lock screen PINs, patterns and passwords from being vulnerable to guesswork by rendering it nearly impossible to reset an error counter (you know, the thing that locks you out when you try the wrong password one too many times). Data is continuously encrypted and scrambled.
The new security processor also can protect blockchain private keys for crypto-currency wallets and provide hardware protection via Strongbox Keymaster (3rd party protection for sensitive data and private keys). Combine the new secure processor with the new regularly scheduled security updates and it’s hard to imagine how any bad actor could crack through all the layers.
Samsung is in a unique position, as one of the special few who design and develop everything from products to software to services. This allows it to provide real end-to-end protection, from conception to retirement, from the chip level to software. It’s a very powerful proposition that should endear the new Galaxy S21 to both the enterprise community and the security and privacy-minded consumer. As I have said often, there are no infallible security systems and all can be broken with time and state-sponsored hacking budgets. This is true for Samsung and the S21, but what’s apparent to me is that only those companies with big security budgets to protect its devices for years after the sale will be best able to protect its users.
Note: Moor Insights & Strategy writers and editors may have contributed to this article.