Hackers stole from NSA a cyber weapon, which has been used in attacks (at time of writing) on 150 countries, shutting down elements of the British National Health Service, the Spanish telecommunications company Telefonica, automakers Renault and Nissan, Russia's Interior Ministry, Federal Express, the energy company PetroChina, and many more.
The news spin is to not blame NSA for its carelessness, but to blame Microsoft users for not updating their systems with a patch issued two months ago. But the important questions have not been asked: What was the NSA doing with such malware and why did NSA not inform Microsoft of the malware?
Clearly, NSA intended to use the cyber weapon against some country or countries. Why else have it and keep it a secret from Microsoft?