Hi,
Your system(s) may already be compromised, and Suricata is providing confirmation of that.
Suricata cannot prevent attacks/compromises after they’ve occurred. It can alert you to suspicious activity (which it seems to be doing).
If Suricata were set up in inline (or IPS) mode, it would actively block traffic that matches conditions in the Suricata rules file.