Yes, you're right. I didn't make myself clear, perhaps. What I meant was that there are a lot of sociopaths out there who are quite likely to worsen the situation. I wasn't suggesting that was a lesser offence.
I don't think it was warfare. Targeting the British NHS and the Russian government seems an odd combination. One of the problems we face is that online criminals are often stupid; it's just too easy to deploy this stuff. I think they were after money but didn't understand how it might spread. There are also conflicting accounts; it may be multiple attacks by different criminal gangs who bought a kit at around the same time.
But it's criminal, and the DOS attacks are accessories. Catching them is the big problem.
Currently I'm updating the computers for a charity as fast as I can; all unpatched, all vulnerable. But at least I have all their essential data secured on two offsite backups, one of which is on write only media.