This is just an attack that attempts common username/password combinations on ssh, and the article even states that the worm is dime-a-dozen. Unless you have both password auth enabled and an available account with an easily guessable password (and if you have either you should change that), this is nothing to worry about, even with sshd available to the internet.
Sensationalist title.
Prevention, as always, is much easier than a cure.
Linux device attacks preventable by standard security precautions
A million attacks a day have done this for the past 20 years. ssh + bad password is so old it can drink in the US.
ssh-keygen is your friend, pretty much no reason not to use it.
One would assume it wouldn’t have been seen before, be weird if a patch got pushed and all of a sudden an old virus came back out of the archives like that permafrost thing people are paranoid about.
This is why you don’t allow password login for SSH, especially not on systems that are accessible from the internet.
This might as well be an article about windows systems exposing RDP to the internet.