I am pretty sure that the ports I opened on the router were not the issue. Actually, for all the ports I have opened I have changed the default settings. This avoids the known default ports and their possible vulnerabilities. My BIG oversight was that I left UPnP enabled so the cameras pocked holes into the router. I didn't realize this until
@alastairstevenson pointed it out. It's kind of embarrassing...
As for VPN, some of the modem manufacturers make it so easy to create the necessary certificates. It's ONE click, wait a couple of minutes and it's done. If you know what is involved behind the scene it's pure magic. Ok, I am exaggerating a little but they got it to a point where even my mom could do this. My concern was that if anybody can spoof the certificate then they will get access to all of my computers including accounts, password, etc. Yes, it's harder to get in but the damage will be really bad. Hopefully there are no backdoors that somebody exploited to harvest our data. So for now I am going the VPN route. Thanks again to
@alastairstevenson