Releasing a computer virus intended to replicate and spread on any machine it can... like... wtf are you arguing for? The whole point to the thing was to cause massive damage to whoever the intended target was, with little care for collateral damage. It was meant to spread hard and fast and cause damage. If you infected a Merck employee with weaponized ebola and that employee traveled to the USA while the strain was still in incubation, then got USA citizens sick with ebola, "Oh, it's okay, it was just an accident. No worries! You didn't mean to hurt the USA. Want to have some cheesecake with us?" Replace the USA with Germany, Japan, Chile, Mexico, South Sudan, I don't care. I'd feel just as strongly about this. It's not a Russia-USA issue. It's a "Russia literally gives zero fucks what happens to the world." I don't see bags of rice given out to poor countries with the Russian flag on it.

It was intentional even if Merck wasn't targeted. Negligence and accident aren't magic words to hide behind if your initial goal is to cause harm in the first place. Stuxnet at least had a bunch of parameters and was highly specialized so it only deploy on its intended target with little to no chance of opening up its payload on an unintended target. I'm not going to argue whether or not Stuxnet was morally in the right. But, it sure as shit proves there is a format of trying to make sure unintended targets don't get harmed in the process of widespread release of cyber warfare.