Having a server or computer connected to a network comes with a certain amount of risk. Any machine, including a VPS, connected to the internet is a potential target for malicious attacks.
While having a well-configured firewall will prevent many kinds of illegitimate access, you still need to open up certain services to allow yourself the ability to log in and administer the server. SSH is the service most commonly used to log into remote systems, and so it also is one of the most frequently targeted.
Fortunately, there is a tool available that can mitigate this attack vector, called fail2ban. This can be configured to allow legitimate logins using SSH, but ban IP addresses after they have failed to authenticate correctly after a set number of times.
Full article here:
How To Protect SSH with fail2ban on Debian 7 (DigitalOcean)