May 14, 2021 It cost just under $5 million for Colonial Pipeline, the company that operates the largest fuel pipeline in the US, to pay off a gang of cybercriminals that hacked its servers, shut off the flow of oil and gas, and disrupted fuel supplies across the east coast. The company caved to hackers’ ransom demands within hours of the attack, Bloomberg News reported. In a ransomware attack, criminals encrypt a company’s data and demand an extortion payment in exchange for a special key that will restore the company’s access to its files. Colonial Pipeline’s decision to pay the hackers flies in the face of most official recommendations. US policy—and the standing advice of many other national governments and intelligence agencies—is clear: Companies should not pay ransoms to hackers.