Latest News

Smart Coffee Machines – Security Issues

The workplace is becoming more “smart” in a variety of ways, and having a coffee machine with smart technology is becoming more common. Smart coffee machines give you more choices over drinks, alerts, and can be set up on timers. Plus, you can get the brewing started from your desk and have a hot cup of coffee waiting for you when you get to the break room.

Every device that you add to the network creates a bigger IoT network. Believe it or not, the smart coffee machine you are getting installed could even pose a risk to your digital security. If you take the right precautions and are careful about how you handle new smart devices then it is not likely to cause a big issue, but the threat is still there, and steps should be taken to mitigate risk.

How Avast Turned a Coffee Machine into a Ransomware Machine

To prove a point about just how vulnerable we might all be if we don’t take precautions, internet security company Avast performed a “white hat” test to see if they could access a Wi-Fi network via the coffee machine, and even upload the code required to demand a ransom.

Many coffee makers come with default settings so that they work as soon as you get it out of the box. You don’t need a password to connect it to Wi-Fi. This turns it into a gateway to a network.

Avast aided a study showing that 66% of North American homes have a device like this. Coffee machines are also really popular in the office. Let’s face it, a lot of workforces run on coffee! For a big office, you might have multiple machines.

Avast’s experiment showed how smart devices can be a starting point for entering and exploiting a whole IoT network. Actually, the coffee machine itself can be a real hazard.

Image source:

The hackers were able to make the burner overheat and to send boiling water out onto the burner. This sort of malfunctioning could cause an office fire. Obviously, this is a huge issue in itself.

But the idea of someone being able to access your whole network, including computers and servers, just by hacking a smart device, is even scarier for most. This could lead to customer’s details getting stolen, and business-critical information getting stolen and leaked.

You can read more about how Avast explored these security issues here.

What Can You Do About Potential Security Issues?

It is not worth rejecting the idea of smart devices. It is far better to take a few precautions to make sure everything within your IoT and business network is safe. What can you do to stop these security breaches from occurring, and allowing people to get in via the “back door” of a smart device?

Segmented networks are important, but according to this guide, less than half of UK businesses are segmenting their Wi-Fi networks. It is important to do so to limit access to your network and prevent a hacker from being able to take over. You can keep critical devices and servers kept out of the networks that contain your smart devices, so a hacker can’t jump over to something that could allow them access to your whole business.

It’s also a good idea to adopt secure passwords. This is still something a lot of businesses and individuals don’t do. Reusing passwords or creating simple, guessable passwords, is surprisingly common. It can make your defence very weak.

Image source:

Another step that is often forgotten about, but can be hugely important for your security, is to constantly patch firmware when it becomes available. Patches and updates can fix problems that the manufacturers have patched, which could otherwise be security problems waiting to happen.

In a big office, you should have a freelance business or internal department responsible for your security. They need to be actively monitoring your Internet of Things. This means that if there is any kind of attack then it can be quickly spotted, and remedied.

Another tip is to make sure you don’t use the default password that comes with your Wi-Fi router. These can be easier for a hacker to guess or generate than a strong and secure custom password.

If you take a few simple steps then you can ensure you don’t have to see your business coffee machines as a security risk. Instead, you can enjoy all of the benefits of having a coffee machine you can control and operate remotely.


With most new technology there are some potential security issues. This is almost inevitable as new tech evolves. The idea that coffee machines could jeopardize crucial information within your business is scary, but it doesn’t take a lot to protect yourself against the potential problems this can cause.

The Avast study was eye-opening, and it seems like a lot of the big smart coffee machine makers are remedying the issues. However, you should still proceed with caution to keep your data safe.