

The top-rated answer to this question on the Security StackExhange is “not really”. https://security.stackexchange.com/questions/189726/does-it-improve-security-to-use-obscure-port-numbers
On Serverfault, the top answer is that random SSH ports provide “no serious defense” https://serverfault.com/questions/316516/does-changing-default-port-number-actually-increase-security
Or the answer here, highlighting that scanners check a whole range ports and all the pitfalls of changing the port. Concluding: “Often times it is simply easier to just configure your firewall to only allow access to 22 from specific hosts, as opposed to the whole Internet.” https://security.stackexchange.com/questions/32308/should-i-change-the-default-ssh-port-on-linux-servers
Do you have a source to cite for the literal 99%?