It's the same difficulty to attack in all 3 cases: hack the internet firewall, which the only point providing connectivity between both internal and external addresses regardless of what the address itself is.
You don't need to change the prefix to prevent an address from being routed to from the internet, but you do need a firewall if you want an address to be securely reachable from the internet. If you don't want an address to be reachable, what the address is whatsoever doesn't matter so long as you've implemented any possible way of making it unreachable.
Not true, 2001:1868:209:FFFD:0013:50FF:FE12:3456 provides some amount of geographic information about the target that the other addresses do not. No firewall is going to protect you from that. Of course that is only going to matter in the specific scenario where your internal IP is leaked but the attacker has not other way of getting your external IP.
You don't need to change the prefix to prevent an address from being routed to from the internet, but you do need a firewall if you want an address to be securely reachable from the internet. If you don't want an address to be reachable, what the address is whatsoever doesn't matter so long as you've implemented any possible way of making it unreachable.