The next election in the Mountaineer State was still weeks away. But 5,000 miles from West Virginia’s capital city, in a suburb northwest of Moscow, someone was already scouting for ways to get into the state’s election computer network this spring. That someone’s IP address, a designation as a “malicious host,” even a tiny Russian flag — it was all there on a computer display in an office just across the Kanawha River from the state’s gold-domed capitol. And he had company. “See, right here, a Canadian IP address is trying to go into online voter registration,” said the West Virginia Air National Guard sergeant who was tracking the would-be intruders, pointing at the screen. “Here’s someone from Great Britain trying to do the same. China is trying to get into the home page — trying to, but they’re getting blocked.”
… West Virginia’s cyberdefenses began with a built-in advantage: State law requires that hand-countable paper ballots be used in every election. Even if voting machines were altered to try to sway election results, the ballots guarantee that the true outcome of a race could still be determined.
The state also demands other safeguards. Voting machines are tested before and after elections to ensure that a set of mock votes are reported identically; testers also reset the machines’ internal clocks to Election Day to spot any malware programmed to alter results on that one day and then self-destruct.