You can and maybe should also restrict ssh access from all but a few known IP addresses and certainly limit the users allowed to ssh in. If you do those 2 things as well as changing to a higher, random, port you can greatly cut down on these brute force attempts. You should probably also disable root login and force version 2 while you're at it.
Oh, and in case the point has not yet been impressed, use a really hard password for SSH like H98^f#juW!d@eepL&
|