They do care about performance. If the victim could figure out what was happening before their files were completely "ransacked", they could simply shut off their computer and take it to the shop to extract however much of their data wasn't yet encrypted. If the value of what was encrypted so far was less than the ransom, why pay?
Also, another aspect you have to consider: strong encryption algorithms usually have large implementations, which means large viruses. Virus transmission rates are logarithmically proportional to their size (a virus that can get sent from one computer to N others in half the time spreads twice as fast each generation, and therefore exponentially (2^t) faster over time.)
Also, another aspect you have to consider: strong encryption algorithms usually have large implementations, which means large viruses. Virus transmission rates are logarithmically proportional to their size (a virus that can get sent from one computer to N others in half the time spreads twice as fast each generation, and therefore exponentially (2^t) faster over time.)