Already inside the hospital?
"Exploiting cybersecurity vulnerabilities requires penetrating several layers of network security enforced by the hospital information system, including secure firewalls,"
If you are inside the network then the ports must be open for the devices to work, and it is not unreasonable to think that a hacker could get inside. VLANs might make it a bit more difficult but not impossible. I can get through things at work with static routes.
In any case I would have thought the firewall is one layer, not several layers, I smell BS.
Hospira said in a statement. "These measures serve as the primary defense against tampering with medical devices. The cybersecurity protections on infusion pumps add an additional layer of security and play a critical role in providing safe and effective patient care."
I'm confused, if you are inside the network what is the primary defense and they have not offered any evidence of cybersecurity (whatever that means) as they left ports open had default usernames and passwords.
I hope I die from my bad habits rather than bad security on medical devices, but as time passes I think I might have to up my alcohol intake and perhaps take up smoking to avoid the perils of technology curling the beckoning finger of death at me.