That’s largely irrelevant when we’re talking about networked devices vulnerable to wireless (WiFi/Bluetooth) attacks from inside.
I would think that most hospital networks don’t protect well from inside attacks - even from commodity devices like printers, scanners, etc.
Then there’s the whole issue of remote servicing by vendors. Even though a NAT firewall might seem like a prudent protection, it still allows a device to initiate a VPN back to the vendor - and the appeal of remote servicing is great. And that VPN (in effect) extends the soft-and-chewy hospital network out to the vendor, and whoever else the vendor trusts.
Basically, hospitals are big attractive collections of embedded devices, and as these devices become more automated and integrated (and networked), the more appealing they are purely as networking/CPU resources for spamming, botnets, or Bitcoin mining.
