I'm not sure what has happened... but I'll tell you what I do.
I monitor the traffic coming into my network. At least once a week, I get flooded for a few hours. Its always from one or two IP's per occurrence. I'll get hit maybe 500-700 times per minute, for hours at a time, methodically trying all ports.
Of course its simple to trace the IP's back to who owns them.
#1 offender - China
#2 offender - Eastern European countries - Serbia, Latvia, Ukraine, etc
#3 offender - United States universities.
In cases #1 and #2, I ban the IP, up to half a dozen from the subnet. After that, I just ban the whole subnet. It sucks to be them doesn't it.
In the case of universities, I contact their admin, send them my logs, and they handle it. About 1/3 of the time they send me an apology response after the problem is corrected.
So there ya have it. I don't provide bandwidth for buttheads. Anyone on my network is my guest, and I expect them to behave as a guest. Its like holding an open party at your house. What? You're just riding in the same car as the guest, but you got kicked out of my party because the folks you rode with decided to pee in my living room? Guess it sucks to be you doesn't it.