And by “terrible” I mean “insecure”. Really, really insecure.
To put it another way, interfering with thousands of paper ballots is a bit of a pain in the ass. Yes, it’s possible, and yes, it happens. But it takes a bit of doing. And there’s always a record, of sorts, to examine.
With electronic voting?
UPDATE `votes` SET `preference` = "Candidate B" WHERE `preference` = "Candidate A" AND
RAND() < 0.01
; Congratulations. You just randomly tampered with about 1% of the vote for Candidate A, switching it to a vote for Candidate B. Do that in a few closely-contested electorates, and who’s ever going to know? Advanced attackers can even clean up afterwards (e.g. delete logs), while they’re at it.
Then everyone else had better hope whatever system was holding the votes has some pretty hardcore logging and change monitoring to try and detect it… (Spoiler alert: They don’t.)