I believe the simple answer to the title of this article is profitability and ease of use. Much of the ransomware we see in the wild is spread by SPAM and targeted phishing attempts. These messages have a relatively high infection rate because end user training is still lacking in many organizations. Weak backup and recovery solutions force many organizations to pay the ransom in hopes of recovering data, making the attack quite profitable. At the end of the day, we, the end user and support professionals, have made ransomware the successful attack it has become. We need to take back the high ground by implementing better controls and better education.