There is tons of bot farm attacking any device connected to the internet all the time
A neat experiment is to configure an SSH server that has no users. It’ll allow connections but it isn’t possible to actually login. It’ll also have a log where you can view login attempts. Within a few days of going online, your logs should be filled will tens of thousands of login attempts from IP addresses from around the world.