I believe the most dangerous thing involved with the internet is that new software/firmware can be loaded but not tested before the election. The process for doing this kind of thing with full engineering would involve testing on a software bench and then testing after loading on the counting machine.
Could be done with a flash drive too, but suppose the change needed to be more significant than expected and was only discovered with the actual votes. If Trump was outperforming, then a new version would be called up over the internet because it is easier than driving it to each counting center.
I submit that there are probably several versions of the program that can scan and modify the degree of votes for Trump and Biden. We could have one version that would verify with a test batch of ballots and a second version to run with real ballots but these results would not stand up to an audit. (Hence the “glitch” referred to in Michigan.)
Could that be related to the claims that some of the tabulating machines were connected to the internet?