Hacking these medical pumps is as easy as copying a booby-trapped file over the network

You think nurses are in the room with the patient 24x7? They need some sort of connectivity back to the desk at minimum so the duty nurses can monitor stuff, check alarms and so forth.

I don't see any reason why they need a full network connection though. What's wrong with serial, or some other protocol that doesn't involve a full networking stack?

