Of course there's something wrong here. These machines should be digitally signing every report they generate using a part of the machine that's not connected to the internet. Sure, that can still be manipulated, but no argument that it's 1, insecure to do it this way, and 2, way more secure the other way, right?