That article is mistaken/naive'.
A router's WAN side will respond to an ICMP ping if so enabled. Most have an option for this, usually default to "yes, respond".
A ping does not go across the router's NAT and on to your LAN and PCs unless you configure the router to do so - via port-forwarding or DMZ.
A router's LAN side normally responds to pings from your devices on your LAN/WLAN. For the LAN, that's benign. For the WLAN, it's also benign if you have encryption turned on which of course we all do. The unauthorized device lacks the WLAN encryption key in order to send an IP packet that will be decipherable.
In the picture, the "firewall" is external to the router and external to the PC. Residential/consumers don't have such. Logically speaking, the NAT function in the router plus your choices of port forwarding/DMZ is a firewall and a basic reason we use routers. If you connect the PC to the cable/DSL modem, omitting the router (bad) there is no firewall other than what software firewall might be in the PC.
