Not surprising to anyone who has or had administered any servers that has open ports on the Internet. That is why the minimum you can do is to limit the attack surface by restricting Internet-facing ports, and using software like fail2ban to automatically ban attack attempts.
A Clark School study at the University of Maryland is one of the first to quantify the near-constant rate of hacker attacks of computers with Internet access—every 39 seconds on average—and the non-secure usernames and passwords we use that give attackers more chance of success.
Source: Hackers Attack Every 39 Seconds | 2017-02-10 | Security Magazine