🤖 AI Summary
Medical Internet of Things (IoMT) systems face unique security risks—distinct from conventional IT—due to direct physiological intervention (e.g., pacemaker control, drug delivery), resource constraints, and stringent real-time requirements, posing critical threats to patient safety and data privacy. To address this, we first systematically delineate the fundamental security distinctions between IoMT and general IT. Leveraging real-world attack incidents and standardized frameworks (e.g., NIST SP 800-30, MITRE ATT&CK for Healthcare), we develop a comprehensive, architecture-layered attack taxonomy specifically tailored to medical devices, identifying key attack surfaces and vulnerabilities. Integrating threat modeling, retrospective analysis of historical breaches, and regulatory compliance requirements (e.g., HIPAA, IEC 62304), we propose an engineering-practical security-by-design guideline. Our work bridges the gap between academic research and clinical deployment, delivering a holistic, resilience-enhancing, and privacy-preserving security framework for IoMT device manufacturers and healthcare providers.
📝 Abstract
The Internet of Medical Things (IoMT) has the potential to radically improve healthcare by enabling real-time monitoring, remote diagnostics, and AI-driven decision-making. However, the connectivity, embedded intelligence, and inclusion of a wide variety of novel sensors expose medical devices to severe cybersecurity threats, compromising patient safety and data privacy. In addition, many devices also have the direct capacity - individually or in conjunction with other IoMT devices - to perform actions on the patient, such as delivering an electrical stimulus, administering a drug, or activating a motor, which can potentially be life-threatening. We provide a taxonomy of potential attacks targeting IoMT, presenting attack surfaces, vulnerabilities, and mitigation strategies across all layers of the IoMT architecture. This work answers key questions such as: What makes IoMT security different from traditional IT security? What are the cybersecurity threats to medical devices? How can engineers design secure IoMT systems and protect hospital networks from cyberattacks? By analyzing historical cyber incidents, we highlight critical security gaps and propose practical security guidelines for medical device engineers and security professionals. This work bridges the gap between research and implementation, equipping healthcare stakeholders with actionable insights to build resilient and privacy-preserving IoMT ecosystems. Finally, we present the latest standardization and compliance frameworks that IoMT security designers should be aware of.