It is hard to answer this question, as what you are reading is speculation on the part of Bernstein about a hypothetical weakness in standard lattice-based cryptography (i.e. using cyclotomics, with unusually small Galois groups).
This speculation roughly proceeds as
- cyclotomics have very small galois groups (the $n$th cyclotomic has galois group $(\mathbb{Z}/n\mathbb{Z})^\times$ I believe, compared to $S_n$ for a random polynomial)
- this means that compared to random polynomials, cyclotomics are quite structured, and therefore
- we should replace cyclotomics with unstructured (relative to random) polynomials.
It is not bad reasoning, but the speculation that better attacks exist against cyclotomics (versus polynomials with larger galois groups) hasn't really panned out, i.e. it has remained within the world of speculative things to worry about.
Note that there have been better attacks against other specific (non-cyclotomic) polynomials, see for example this.
There have also been other attacks against non-RLWE knapsack-type problems that took advantage of Galois-theoretic symmetries, see for example this.
This is compounded by the following fact.
The initial worry was that picking the polynomial $f$ improperly such that arithmetic is defined over $\mathbb{Z}_q[x]/(f)$ could lead to attacks.
There has been a line of work provably addressing this concern that goes by the name of "Middle Product LWE".
The idea is that one can define a product operation on $\mathbb{Z}_q[x]$ such that, for an exponentially large family of $\{f_i\}_i$, if RLWE is hard for any of the rings $\mathbb{Z}_q[x]/(f_i)$, then Middle Product LWE is secure.
See this for a sample paper on the topic.
So if you are concerned that power-of-two cyclotomics are plausibly weak, it is perhaps better to move to Middle Product LWE instantiations, rather than pick another $f_i$ out of a hat and hope it is strong.
