Quite possibly... keep an eye on it. If it persists you might be able to get your firewall configured to drop packets from it.
We've had our PaloAlto running in the wild for 3 days on our new connection and we're getting about 300 attempts a day to brute force the external management interface Its not going to work as the external interface won't accept connections except from specified addresses. We're also seeing attempts on our webserver, MIS external server, and mailserver from both smtp attempts and http. None of it is working as the Palo is cleverer than that!
We use the SWGFL for our filtering and firewall and they just suggested to change the system account name and password to something complex as well as keeping an eye out for any user accounts that may have been created.
Interestingly i have found IPs for Basildon in essex, London and hungary!
There are compromised systems out on the internet that will scan whole ip blocks looking for open ports to well known services (SSH, Telnet, FTP, Netbios, Kerberos, SIP, NIS, HTTP, etc) and once they find a system will attempt to brute force it via dictonary attacks. It's just a fact of life on the internet these days. So as long as you have your firewalls setup right it should not be an issue. On my Linux boxes I go beyond this though. I have IPTables rate limits, fail2ban, etc setup so these scans don't waste too many system resources..