I have just reviewed my syslog file and notice a TON of entries of the following:
Aug 25 13:06:17 ssrv001 mysqld: 150825 13:06:17 [Warning] Access denied for user 'root'@'61.160.232.48' (using password: YES)
The ip is malicious as no one but myself has root access to this server. I will be removing remote access for the root mysqld user, however will this be enough to thwart this type of thing from happening?
I was also thinking about implementing something that will dissallow connections from ip addresses who have made invalid requests multiple times.