This is still an issue with the Cisco (Linksys) SPA-8000 and SP-112 ATAs as there a way to hack them. The fix from Cisco has been to enable "Restrict Source IP" but you cannot do this with Voipo service as per Voipo "Only allowing packets from sip.voipwelcome.com will break call signaling for any traffic routing directly from our media gateways. Their IP range is outside of our control and can be unique depending on the call's routing."

I have asked Voipo for the underlying carrier IP ranges but they cannot provide them and will not support BYOD devices.

So the only way to block the hackers are to put the ATA behind a firewall and block the specific IP addresses from the hackers. This will end up getting very tedious and you will be right back to the firewall closing ports and having connectivity issues with Voipo services and the ATA.