I still can't wrap my head around how can such a critical infrastructre is not air gapped. This is just so... basic. You will never be secure enough, this is not what internet is for.
This is an extremely important detail which seems overlooked.
The pipeline did not need to be shutdown because of a danger to infrastructure, it was a corporate management decision to protect the company’s interests.
Colonial used a ransomeware attack on their company to do their own form of retaliatory blackmail on the entire southeast US to get a state level response and avoid the payout.
The above is not a defense of ransomeware, and I understand why Colonial acted as they did/it seems to have worked. They likely would not have gotten state level help had they not shut down the pipeline. But they have a larger level of responsibility for the damage caused by the pipeline shutdown than is being portrayed.
I believe they shut down the pipeline because they were unable to bill.