Though the guy used port 2222, which is kind of obvious to try. I use a high port that doesn’t have 22 in it and I never get brute force scans anymore.
I’m pretty certain the majority of users that switch from a default to a higher port know enough about security to know it doesn’t afford any extra protection, but rather do it to keep their logs from getting too noisy. I’m not surprised that people are port scanning (and I don’t think this is a new thing) but it’s way easier to deal with opposed to the deluge you get by operating on a standard port.
I also use a nonstandard port, but also with additional tools that block repeat offenders. It’s the latter that counts the most, the port choice is more reducing the thoughtless attempts that fill the logs.