In this episode of Cyber Focus, host Frank Cilluffo speaks with Sai Molige, the leader of the threat hunting team at Forescout. They discuss the key findings from Forescout’s 2024 Global Threat Roundup, including the growing role of bulletproof hosting services, increasing attacker dwell time, and targeted cyber intrusions on critical infrastructure. Molige explains how state-sponsored actors and cybercriminals are increasingly collaborating, and how the convergence of IT and OT security is reshaping the cybersecurity landscape. He also shares insights into new malware targeting industrial control systems, emerging attack techniques, and the importance of intelligence-led defense strategies.

Main Topics Covered:

• Key findings from the 2024 Global Threat Roundup: bulletproof hosting, increased attacker dwell time, and rising attacks on cybersecurity infrastructure.
• Threats to critical infrastructure: espionage and tracking of key personnel, VPN exploitation, and borrowing of attack tools between cyber groups.
• State-sponsored and criminal cyber collaboration: the blurred lines between nation-state actors and cybercriminal groups.
• Operational Technology (OT) security risks: increased targeting of specialized industrial protocols and legacy system vulnerabilities.
• Threat hunting frameworks and cyber resilience: the importance of intelligence-led defense, strategic visibility, and response planning.

Key Quotes:

"[Bulletproofing services become] breeding grounds for cyber attacks, or at least the building blocks for it. —Sai Molige

"Attackers are spending an increased amount of time inside the network to better understand the environment they are in." —Sai Molige

"Cyber criminals...are finding opportunities, and partnering with either nation state groups or state-sponsored groups." —Sai Molige

"Trust is the coin of the realm for the good guys, but also for the bad guys. So maybe we need to be spending a little more time eroding trust and confidence between and among some of these cyber criminals." —Frank Cilluffo

"[Threat hunting] is a iterative and proactive process, to uncover hidden risks and enhance resilience." —Sai Molige

Relevant Links and Resources:

• Forescout’s 2024 Global Threat Roundup
• CISA Cybersecurity Advisories on Industrial Control Systems

Guest Bio:

Sai Molige is the head of Threat Hunting at Forescout, where he leads efforts in adversary engagement, cyber intelligence, and advanced threat detection. He has previously worked at Comcast and Snapchat, bringing deep expertise in network security, offensive cybersecurity strategies, and cyber threat intelligence. His work focuses on understanding attack patterns, improving cyber resilience, and bridging gaps between IT and OT security.