A ransomware claim tied to an IT services company is more than a naming exercise when the suspected group is linked to self-propagating tooling and double-extortion tactics.