Computers communicate across networks using ports. Port 22 is a commonly used remote administration port called ssh. Bots go around probing computers with an open port 22 hoping to find badly secured or outside misconfigured ssh servers to turn them into bots and crypto miners, etc.

If you do want to open 22, and there are plenty of good reasons to want to, just implement something called port knocking and you can do it safely.

Note with this you still need good authentication. That means no passwords, key based auth only.