Do we actually have any cases of governments using malware for good?
Guns aren't a great comparison because the use can (and usually is) wholly defensive or acts as a deterrent -- i.e if you are known to be armed then you'd be left alone.
Malware on the other hand is almost exclusively offensive and governments around the world almost exclusively use it for nefarious reasons (i.e NSO Group's clientele and published usages).
Also, when you use a gun against someone, be it to threat or injure, you can’t do it without making the person aware that you used this weapon against them.
Ukraine hasn't acquired NSO Group's software (based on your article) and ultimately it's a seriously corrupt country -- the most corrupt in Europe -- and globally ranks below El Salvador, Brazil, Turkey and even Cuba. Just because it's currently facing an invasion doesn't mean the malware won't be used for nefarious purposes: i.e Ukrainian elites targeting other Ukrainians or the sitting Ukrainian government targeting opposition political parties. During conflicts we often see governments and elites from those countries trying to siphon as much as they can.
Just to drive the point: at the same time that they first requested the software (2014) the country was the biggest arms dealer for the Syrian civil war[0]. A large part of the arms they received after what happened in Crimea ended up making its way to countries like Syria[1] and it's likely a driving reason behind why the country was so ill-equipped with the current conflict. There is little doubt that the physical arms will eventually be sold off after this conflict is over, and with malware that can be copied quite easily it's likely it will be sold the moment it's acquired to any bidder that puts their hand up.
Ukraines military has changed drastically since the war that started in 2014. They have made many changes, moving away from the old Soviet style system and to a more western system for the military along with upping military pay and training. I also don't think that Ukraines military is overly 'ill-equipped' but its more that its fighting an army much bigger then itself, and one so incompetent that its going through ATGM's and MANPAD's so fast that its literally impossible to keep up.
The thing is that "terror" is an extremely vaguely defined concept, in the US there are at least 8 different, and recognized, definitions for it [0]
Nor are there usually any efficient checks&balances in place to make sure these tools are actually only used for their originally declared purpose.
That's why the mass-surveillance creep, since the Patriot Act, has been very real and for the most part completely unchecked, FISA court just rubber-stamping anything that comes their way.
In that context I'd rather see resources put towards fixing vulnerabilities, instead of leaving them open so they can be exploited by intelligence and police agencies. This approach would also prevent much more "evil" than hoping how the "good Big Brother" will not abuse his power and instead solely use the same vulnerabilities to stop the "evil" guys.
Instead of writing a malware exploiting a bug to simulate an attack to defend against the exploit, you could have just fixed the damn thing in the first place.
I'm astonished that there are so many people here that are willing to defend government use of malware.
Malware is software deliberately designed to cause devices to malfunction. Since when is it legitimate for any government to deliberately break the property of a private citizen who hasn't been convicted of any offence, without at least a court order?
I think nukes are a better analogy than guns. There's legitimate reasons why you might want your government to develop and own them, but there's no good reason that it should be legal for private companies or individuals to sell or buy them.
Guns aren't a great comparison because the use can (and usually is) wholly defensive or acts as a deterrent -- i.e if you are known to be armed then you'd be left alone.
Malware on the other hand is almost exclusively offensive and governments around the world almost exclusively use it for nefarious reasons (i.e NSO Group's clientele and published usages).