Threats and Security Strategies for IoMT Infusion Pumps
Abstract
The integration of the Internet of Medical Things (IoMT) into healthcare systems has transformed patient care by enabling real-time monitoring, enhanced diagnostics, and enhanced operational efficiency. However, this increased connectivity has also expanded the attack surface for cybercriminals, raising significant cybersecurity and privacy concerns. This study focuses on the cybersecurity vulnerabilities of IoMT infusion pumps, which are critical devices in modern healthcare. Through a targeted literature review of the past five years, we analyzed seven current studies from a pool of 132 papers to identify security vulnerabilities. Our findings indicate that infusion pumps face vulnerabilities—such as device-level flaws, authentication and access control issues, network and communication weaknesses, data security and privacy risks, and operational or organizational challenges—that can expose them to lateral attacks within healthcare networks. Our analysis synthesizes findings from seven recent studies to clarify how and why infusion pumps remain vulnerable in each of these areas. By categorizing the security gaps, we highlight critical risk patterns and their implications. This work underscores the scope of the issue and provides a structured understanding that is valuable for healthcare IT professionals and device manufacturers. Ultimately, the findings can inform the development of targeted, proactive security strategies to better safeguard infusion pumps and protect patient well-being.
Keywords: Internet of Medical Things (IoMT), Infusion Pumps, Healthcare Cybersecurity, Medical Device Vulnerabilities, Attack Surface Expansion
DOI: 10.54941/ahfe1006142
Cite this paper
More from this volume
- Human Factors and Strategic Approaches in Cybersecurity: Threats for Critical Infrastructures in NIS2 Dοmains
- Charting Trustworthiness: A Socio-Technical Perspective on AI and Human Factors
- Exploring How College Students’ Mental Models of Cybersecurity Threats Predict Cyber Knowledge and Hygiene
- Leveraging Complex Access Scenarios (CAS) to Bridge Human-Centered HCI
- Towards Scalable Solutions of Operational Technology Cybersecurity in Smart Energy Networks
- Analysis of Large Language and Instance-Based Learning Models in Mimicking Human Cyber-Attack Strategies in HackIT Simulator
- Resolving Conflicts Between PSIRT and Safety Teams: A Collaborative Approach
- Assessing and Communicating Software Security: Enhancing Software Product Health with Architectural Threat Analysis
- Next Generation BCM solution
- Investigating Human Factors Engineering Integration in ATC Cybersecurity Resilience


AHFE Open Access