I would reinforce Microsoft's position that we certainly do not support cyber-offensive activities, primarily for a number of reasons.
We have seen that cyber-weapons are typically very difficult to target, and the potential for collateral damage to spill beyond the intended targets, much like the NotPetya attack in Ukraine a few years ago, which ended up impacting organizations around the world and costing hundreds of millions of dollars to recover from. That is example of where there's a potential for that collateral damage that could be extreme.