Bit of a bummer.
We are all well aware of the need for security with, well, everything! IoT in particular of course. But spare a thought for the poor sods developing this stuff 14 years ago. I don't know if they genuinely didn't think of the possible problems, or whether they thought that no-one would be enough of a sick bastard to play with critical medical systems for fun or profit.
Either way it's tricky. This old system has holes, I suspect the latest systems have holes. We can make systems that are much, much more secure. But that takes time and money.
Question: is it better to get life-saving technology into the market now at an affordable price (but with an obscure hole or two), or wait another five years (while people die) and then deliver something secure at twice the price, making it less widely used.
I have no simple answer. Do we trade off the possible risks of injury due to (unlikely) hacking against likely deaths from delay and increased price?
I think better to focus on US voting machines!