In early 2017, a Bloomberg report revealed that Russian hackers attacked voting systems in 39 states. While Illinois was the only state that found records of attackers attempting to delete or alter voter data, Pennsylvania was still in the list of targeted locations. Even if the state weren't attacked, it's a good idea to upgrade anyway: at last year's DefCon, security researchers showed just how easy it is to infiltrate voting systems. Acting Secretary of State Robert Torres said the new directive will ensure that residents' votes are secure and uncompromised, since a paper trail will allow officials to double-check votes in case they suspect that a machine has been tampered with.
Unfortunately, the directive doesn't actually require the counties to change machines, only that they should get one with a paper backup system when they do. And since there's no budget to replace them, The Keystone State will likely be using its old ones this upcoming 2018 election season. Pennsylvania won't be alone if it does, though. New York University's Brennan Center for Justice told AP that officials in 41 states plan to use older machines this year due to lack of funds.
The situation illustrates how the US knows it has major security issues it needs to address in an increasingly digital world, but that it's not prepared to deal with them. David Hickton, founding director of the University of Pittsburgh Institute for Cyber Law, Policy and Security, told AP: "In the world's leading democracy, we can't take the position that we can't afford to do elections correctly. The recent attacks on our election should concern everybody, and a priority has to be placed on doing what is necessary."