When I was a kid I remember watching Richie Rich, including swimming in and counting money, seems he knew what he was doing
The disappointing theme your comment highlights is your lack of appreciation for the very thing we are supposedly fighting for, the right to democracy and freedom which at their heart value human life. This type of war includes a significant amount of urban warfare and at times collateral damage however regardless of how fatigued one is it is inexcusable to brush off these types of events as mistakes grouped in with the more mundane things we all do when tired. Mistake or not if I fall asleep at the wheel and take someone's life I will be held accountable for it, albeit not the same as if I take a life on purpose but none the less I will be held accountable.
In addition to the points I made above let's discuss one of the issues that applies to your position equally as well as mine. If "mistakes" were made and innocent people died why the obvious cover-up by the military when it was apparent they could not hide the truth?
Although the technology itself is not very new the packaging (behind the ear or in ear hearing aids are purpose built devices) is left to a few specialized companies. That in addition to the fact that the market will bear these prices, assuming statistically older people with generally more resources are buying, and you are left with the prices you are running into. I recently had a similar experience with a good friends mother and after 6K for the pair with a fairly heavy hit on the savings account she is happy as can be and would do it again in a heartbeat.
Actually the port was changed before posting to protect the innocent
I have a similar situation and cannot limit to very specific IP ranges. I have done the following with good success. I pulled some examples from my configuration that can be tweaked for yours if you like.
1. Limit incoming SSH attempts to a low number. In my case I limit to 2 connections in 60 seconds. I can tighten it even more but this did a lot to kill brute force attempts.
iptables -I INPUT -p tcp -i vlan1 --dport 2242 -j DROP
iptables -I INPUT -p tcp -i vlan1 --dport 2242 -m state --state NEW -m limit --limit 2/min -j ACCEPT
iptables -I INPUT -p tcp -i vlan1 --dport 2242 -m state --state RELATED,ESTABLISHED -j ACCEPT
2. Automatic blacklist via DenyHosts. This helps cut down attempts from known ranges without even giving them the chance even at a slow rate. http://denyhosts.sourceforge.net/
Heisenberg may have been here.