The humble infusion pump: It stands sentinel in the hospital room, injecting patients with measured doses of drugs and writing information to their electronic medical records. But what if hackers and identity thieves could hijack a pump on a hospital's information network and use it to eavesdrop on sensitive data such as patient identity and billing data for the entire hospital? It is not a far-fetched scenario. Although the hacking of wireless infusion pumps hasn't happened, it is considered a critical cybersecurity vulnerability in hospitals — so much so that federal authorities are focusing on the pumps as part of a wide-ranging effort to develop guidelines to prevent cyberattacks against medical devices.