Despite my attempts to explain this plainly, you seem to continue to miss the point
Nobody is
SPECIFICALLY targeting you, alarmguy, and your Toilet Paper Link. What happens is that botnets scan various public subnets/blocks looking for vulnerable hosts. When those hosts are discovered, the exploits are automatically run against the system to infiltrate it, typically gaining root access to the device. From there, they can do all manner of things, all automated. The most typical is adding your device to the botnet itself, logging it into an IRC channel from which it will then receive commands. They aren't necessarily interested in YOUR traffic (though that's not outside the realm of possibility), they are adding to bots, which they can then use to target other, high value targets, even using you as a proxy through which to wage a cyberattack.
Some of these scripts can also do things like change your router's DNS settings for example, so that your queries go somewhere other than where originally destined. These can be extremely sophisticated schemes, even employing certificate swap outs or forgeries to make it look like the sites are totally legit (I've seen one of these in the wild that was able to capture banking info by redirecting the traffic to a site that looked like the bank site, with a valid SSL certificate and everything). They could also take advantage of the tendency for a lot of home users to use VPN's, but redirecting "IMtahl33tpwn4g3vpnu53r.com" to a different server to capture the credentials for example. They could then use your VPN account to further obfuscate their own traffic, or route bots through that channel.
This isn't some kid in China sitting there going like "that alarmguy character, I think he's a worthwhile target, I better put some effort into trying to hax0r teh gibson on him!" It's bots doing it, probing for vulnerable hosts using a list of known exploits.