The most frustrating part of this whole SSDP Vulnerability issue is that there very well might be something going on, but they've apparently contracted out all of their IT security section (I did 11 months on the HSI tech support phones for them back in 2009ish so I know for a fact that Rogers used to have a dedicated section just for these kinds of issues) and thus don't appear to have anybody available to respond when they're faced with somebody who's trying to decipher what the problem really is.
edit: I also wouldn't be surprised to find out that it's something related to their own modem not properly turning off UPNP when in bridge mode, but that's just complete guess work. 😉
Just finished reading an interesting article that was relatively low on specifics but seemed to be suggesting that there are "millions" of networked consumer devices which have a slightly different form of the SSDP vulnerability that is being used in DDoS attacks. Think anything that has the ability to connect to a service like netflix via an ethernet connection and you get the gist of what they were suggesting.
It sounds like these consumer devices through the nature of their firmware are bypassing the routers' UPNP settings. If that's the case then ISPs had better figure out a better way to block them than having folks focus only on routers.