The Internet of Things (IoT) is an evolving technology in the emerging
digital transformation domain. The healthcare system is also growing, using IoT to
improve human life and save more lives. With the assistance of IoT technology,
physicians can easily monitor patients’ health conditions in real-time. A cardiac
pacemaker is a medical device connected to the IoT environment to improve the
efficiency of healthcare. However, low-quality IoT design will bring disadvantages,
such as cyber-attacks. Every process of building IoT medical devices should evaluate
the product before launching it to the market. Manufacturers or hospitals should
organise their critical infrastructure orderly to protect confidential data. The data
should achieve the confidentiality, integrity, and availability of the CIA triad, which is
the foundation of information security. This paper aims to study the vulnerabilities of
IoT medical devices, the methods of possible attacks from hackers, and organisational
and operational security to address cyber security in the healthcare industry. Moreover,
it proposes a framework for the IoT medical ecosystem between the patient and the
hospital to improve the existing IoT medical ecosystem.
Keywords: Attack Vectors, Cyberattack, IoT Medical Ecosystem, IoT, Security Framework.