Almost certainly the least expensive route out.
Only in the very short term. Colonial Pipeline just put a huge target on themselves for other hacking groups and for other big American infrastructure (and other) companies as well.
Secondarily, by paying the "ransom" Colonial Pipeline admitted they knew they couldn't recover their systems and that their DR/BR plans either didn't exist or were so fatally flawed they were dead in the water without paying the ransom extortion.
None of this is a good look for Colonial Pipeline. If they're smart (and I'm not saying they are ...) they'd hire a crack Network Security & Infrastructure consulting firm to go in and straighten their crap out so this doesn't happen again.