Spotlight on Cyber Security with CIA Veteran Karl Wagner

Karl Wagner, former CIA Veteran and current Cyber Security professional, gives useful insights about the hidden risks businesses and individuals face in the cyber world.
Karl Wagner, former CIA Veteran and current Cyber Security professional, gives useful insights about the hidden risks businesses and individuals face in the cyber world. The most strongly emphasized point made by Wagner is the importance of knowledge. Specifically, knowledge of your risks and knowledge of your “crown jewels,” or the things you would like to protect. There are three important aspects of cyber-attacks that one should be knowledgeable of: Types, Targets, and Origin.

It is also important to know which commonplace activities, such as social media, could increase one’s vulnerability to these attacks. As a result of the COVID-19 crisis, there is an increased amount of virtual interaction. As a direct result, we see a corresponding increase in the number of opportunities that attackers can exploit. Wagner encourages us to become more aware of our actions online and to take the necessary preventative steps to fight against our prospective vulnerability to such attacks.

View Transcript

Ryan Morfin:

Welcome to Non-Beta Alpha. I’m Ryan Morfin and today’s guest is Karl Wagner, the CEO and Founder of Eastern Sky Technologies. Karl is a CIA veteran of 29 years and he’s involved in advisory work for some of the largest family offices in the United States. Today, Karl’s going to share some of his insights for cybersecurity threats in the current environment. This is Non-Beta Alpha. Karl, welcome to the show. Thanks for coming.

Karl Wagner:

Thanks, Ryan. Appreciate being here.

Ryan Morfin:

Well, given your national security background, I wanted to chat with you a little bit about the current environment that we’re in. Cyber attacks are increasing right now, all the people working from home, and you’ve done a lot in your career after the CIA to help billionaires protect themselves and their families. In this new environment where everybody is working from home wifi and on their mobile devices, could you maybe expand on some of the risks that we’re facing that we may not be thinking about as well as some of the things that billionaires think about when they start protecting their footprint?

Karl Wagner:

Sure. I’d be happy to. I think we’re seeing basically an intensification of trends that had been already in place over the last few years. Obviously, ransomware is a big issue and one way, and that’s the top of many people’s minds. You see a lot of that in the press. But I think we take a step back and think about the strategic framework within which we’re looking at cybersecurity and I think the first important principle is that if you don’t know what the risks are, then you’re not going to be in a good position to defend yourself against them. But as important, and this is something that many people don’t think about is, what are your crown jewels? What are you trying to protect? Because if you try to protect everything, you end up protecting nothing.

              And so if you can focus in the same way that you might have a safe at home where you put the things that are of most value to you, thinking about, what are the things on your network that are most important to you, and you might be able to put things that are not as important on a lower priority. So define the crown jewels, understand what the risks are, and then pick a framework. Frameworks sound dull and boring, governance sounds dull and boring, but they’re actually exciting. Why? Because all of the worry that you might have in the middle of the night, if you don’t worry about this in the middle of the night it means you simply haven’t been hit yet, can be put somewhat at ease if you pick a framework.

              There’s many of them out there. The NIST framework, the CMMC framework, just Google cyber framework and it gives you a to-do list. So those are your chores. Just like you do chores around the house, those are your chores for your cyber posture. Once you pick a framework, once you start to become familiar with the risks, once you know what your crown jewels are, you are in a much better position to move forward. Another way, putting that now as our foundational piece, I’d like to talk just briefly about what are the kinds of attacks that you need to worry about and prepare for. In the same way that now we’re in a pandemic situation, we either did or did not prepare for this, and we need to be preparing for black swan events from a cyber standpoint as well. And in order to do that, you need to know the types of attacks that are possible, the targets of those attacks, and then the origin of those attacks.

              That’s one way to split it out and think about it. I mentioned ransomware already. Phishing is another of the most important types of attacks to protect against, and that’s really more of a human problem. It’s about training yourself and the rest of your staff on not clicking on the link, because we’re only as strong as the weakest link in our chain. Everybody makes mistakes, but there are ways out there to test your staff, train them and then test them on anti-phishing techniques. So phishing, ransomware, data breaches. Data breaches is a cross cutting category, but data breaches are company killers potentially. And some statistics show that if you talk about active shooter events and compare them against data breaches, of course, the human cost and the economic costs are different, but they’re as problematic.

              You can talk about millions of records being lost. It can be a threat to your company if that were to happen to you. And then DDoS attacks. So those are really the four main categories to think of, phishing, ransomware, data breaches, and DDoS attacks. As far as targets, critical infrastructure is really what this industry is a part of and you can consider yourselves top tier attack targets because the financial industry is critical infrastructure in the same way that nuclear power, transportation are promo attack targets for these bad actors.

              And then finally, just for this initial piece, my comments, it’s important to think about the origin of these attacks. You’ll be lucky if the person attacking you is a common criminal. Why? Because we have advanced persistent threats out there, APTS, and we’re talking about very sophisticated state sponsored actors of the type that when I was in government we had to protect ourselves against and to combat. I don’t need to name countries or name names because a lot of countries do this for their national security purposes. Some countries’ bad actors actually, in their spare time, will use those same techniques for criminal activities. And so that’s kind of a double hit for us in the financial sector that we need to worry about, state sponsored attacks and then non-state sponsored attacks by state sponsored actors.

              So it’s really a daunting backdrop out there, but by doing what I said in the beginning, which is knowing what your crown jewels are, knowing what the types of attacks are, the targets, and the origin of those attacks and picking a framework, you’re much better off to start working down your to-do list, your chores, to make yourself much more impervious to attacks and protecting your customers and fulfilling your custodial duties basically.

Ryan Morfin:

Those are all great points as a way to kind of start to think about it. I think a lot of entrepreneurs and a lot of financial advisors who own their own office or business typically outsource a lot of their IT and hadn’t really thought through or hoped that the people they’ve paid as consultants have thoughtfully put together a framework. But you said something that really resonates I think if you look at the target attack or some of the other larger data breaches, it was the vendor list or the suppliers or the contacts in that business, maybe not the employees themselves that are the ones that get breached, and some hacker back doors into a position to take over your network. And so can you talk a little bit about the importance of thinking through what you click through and talking a little bit about maybe some examples of how that people have backdoored into major data breaches?

Karl Wagner:

That’s exactly right, Ryan. Thanks for bringing that up. This really is kind of the flavor of last year and into this year. I think that there’s a much greater awareness of what some of the threats are out there, and people are really starting to baton down their hatches. But you have to realize that your edge is the furthest point that your network reaches and to the extent that you’re connected to your law firms or to your third party vendors, or that you’re passing them your sensitive proprietary data, they’re your edge and they’re your endpoint. And so it doesn’t do a lot of good to have endpoint protection on your network when you have an open door for those vendors. So the point is either to close that off or to require in the contracts with them and then follow up through perhaps another vendor that will help you check your third party vendors as to what their cyber protection are and what their cyber posture is.

              I will say that one of the projects that I did since I left government was for a large manufacturing company, and luckily they were looking carefully at the third party vendor risk. They found out that their law firm really had low cyber standards and I think they were in the process of increasing those, but they were able to easily access themselves from outside their own network their sensitive files. So it is something that is very important to think of. The target breach data breach is another example of that, the third party vendor risk. Now, again, I think those frameworks, especially the NIST framework, will include that in your checklist. So pick one and work it, basically, is the bottom line.

Ryan Morfin:

And one thing that I think a lot of advisors acknowledge but may not think of themselves as a target, is that the financial institutions that we’re all part of are part of the critical infrastructure as defined by DHS. But one question is, why would a nation state want to hack into a CRM or a data set for financial advisers’ particular clients? What would be the nation state reason to want to run somebody into our network?

Karl Wagner:

Right. Well, I mean, there is multiple reasons. I don’t want to be too pessimistic here, but I did spend 29 years in national security and I will say that many of us are American born, U.S. born American citizens and have a hard time under other ways that there are of seeing the world. Some of the advanced persistent threats out there in the state sponsored actors as part of their national security strategy are seeding into our critical infrastructure the ability to stymie us and take down important nodes and entire industries if they need to do so in the event of conflict. So the financial infrastructure is a prime target in that regard. On a more focused basis, some of the techniques used by foreign intelligence services to target their targets, whether they’re Americans or not, include looking at the financial vulnerabilities of their targets.

              That’s one of several reasons why somebody might work for a foreign intelligence service and do their bidding, and it gives them a leg up if they can look at the financial status of your customer. So those are two examples I can think of, of others, but suffice it to say, this is important information. If you had all of the financial data and you’re targeting certain people and you can marry it up with other data about them then it’s much easier for you to go ahead and pinpoint the weakest link in whatever. If you’re trying to target a specific firm, for example, or somebody in a specific city with con contacts and connections with the political sphere. It’s a very common practice to do this. You’re collecting data on your target.

Ryan Morfin:

And social media is a new tool as well for hackers to socially map a company. Can you talk about why accepting LinkedIn invites from people that you may or may not know could be bad policy?

Karl Wagner:

Yeah. I mean, we’re all guilty of it. I’m not holier than thou. I accepted a LinkedIn connect from somebody who then later I wondered, “Hmm. Who is this guy really?” And I only did it because we had common connects. I contacted our common connects. None of them knew who he was. So I then blocked him. But, basically, it just opens you up for more scrutiny. Now, it’s just something to think through. I’m not saying you need to lock yourself down and wall yourself off. My LinkedIn is fairly open because I want my contacts to see who I’m connected with because I offer in a friendly way to help connect them. What goes around comes around and that’s just the way a good business is done. But you do need to be careful and I think it’s worth sometimes going through some of your connects and just taking some time, maybe a couple of hours, and looking at your exposure there and then going through your settings and thinking through what information you’re projecting and what vulnerabilities you’re opening yourself up to.

              Again, it’s just something to think about. I think a balanced approach is usually the best. I wouldn’t lock it all the way down necessarily because at the end of the day we have to sell, we want to expand our business. But, at the same time, a wide open kind of devil may care attitude towards it is one that’s going to burn you at the end of the day. Because I mean, I’ll tell you for example, one company that I was doing a project for had very sensitive intellectual property and one way to get that on actual property is to hack them. What’s a way to hack them? We need to know what kind of systems they’re running on. Is it Linux? What kind of servers are they using, et cetera? Even though they were trying to keep their most sensitive crown jewels locked behind firewalls and not to project what their IT architecture was, they had a couple of programmers who were looking for jobs and they put out there what their expertise was in.

              It was very easy to figure out, and they put right there that they were working in this sensitive area of the company, because they wanted to get a job with another company. It was very easy to figure out what the IT architecture, at least from a foundational point of view, how it was structured to then give these APTs, advanced persistent threat actors, a leg up on how they might target them through a cyber attack.

Ryan Morfin:

And so how often do you think an entrepreneur in his office should be focusing on it? Is it an annual training? Is it a memo coming out when new threats show that they’ve been working in other parts of the world? How often should people be refocusing on this?

Karl Wagner:

I would say all of the above. I mean, there are certain standards that suggest you should make this annual training. The really answer to this is if you gamify it, that’s the way to success. Find a training vendor or find some open source training tools that are fun, that are easy, that don’t take hours, that aren’t excruciating, and they’re out there, and make it a fun thing. Set up a situation where people get a gold star or something. It sounds childlike, but it still works with adults for helping others and they don’t feel like fools if they made a mistake in a situation where you have an environment of trust, where people can be willing to come forward and say, “Look, I’m sorry. I clicked on a bad link and just realized. Let’s go and track it down and see if I opened us up to expose us to anything.” So I would say more frequent training that’s somewhat shorter is better than onerous once a year longterm thing that everybody hates. And make it fun.

Ryan Morfin:

One question I have for you is that we’re in this remote working environment for most companies right now, what are some things we should be aware of while we’re talking or working on our phone as well as our home wifi networks?

Karl Wagner:

Oh, well, there’s a lot. I mean, again, pick a standard and goes through the list. There’s a lot of tips. I would say one of the things is, first, on your home modems, you can change the name of it and the password. That’s a given that ought to happen. The other thing I want to mention is that as IoT really proliferates, the Internet of Things proliferates, the attack surface is exponentially increasing. So you might have the best settings on your computer and say, “Nobody can hit me,” and this is oversimplifying it, but at some point you’re going to be under threat from your microwave because it’s connected through your modem to your laptop. So think about that. And the first line of defense is your wifi and your modem. I would say just be aware. It’s not that hard to put in a Google alert to yourself on cybersecurity threats and realize, for example, there’s a discussion that’s happening right now about certain vulnerabilities in Zooms, which is the most popular video teleconferencing software, the way it’s structured.

              I would say that it’s a bit unfair to Zoom because there’s a lot of settings in there that can protect you. It’s just a matter of actually using them and just thinking through what you’re doing and just realizing that there are people out there who want to do us harm. I don’t like to think negative in that way, but this is my industry. I was doing a project for a software company, and it really amazed me after 29 years in government, I thought that people in general are fairly aware of the fact that the cyber world is flat. And so right up against my firewall is not just my neighbors next door, but a guy in Moscow, because there is no geographic separation. And so you need to think in a contrarian way and in a red teaming way about the vulnerabilities that you yourself have and not just assume.

              I’ve seen software developers assume, “I did this great program, I put out this product, and there all kinds of holes in it.” They didn’t think that anybody would try to reverse engineer it or try to attack it, which is surprising. But I think that’s changing. I think people are much more aware, especially ransomware, for example, especially as a lot of people wake up. The National Health Service in the U.K., for example, horrible ransomware attack it took them a while to recover from. I believe that one was last year. New Orleans, Baltimore, hospitals, one in Greenfield, Indiana, an attack against them. So large cities, small cities, it’s frightening. So just watch out and follow some of these guidelines, and you’ll be better off, and I don’t like to put it this way either, but the lowest hanging fruit is what the attackers are going to go for. As long as you’re somewhat higher up and you’re working to get higher and higher, you’re going to be okay. Just start thinking through it and applying some of these principles.

Ryan Morfin:

You’ve worked and trained some of the largest companies in the United States on this risk. Can you talk a little bit about how it’s become a board issue and it’s got a governance issue for executives to pay attention as well as the fact that there’s now a cybersecurity insurance industry spotting up?

Karl Wagner:

Oh yeah. I mean, I’d say it’s about time. I think sometimes there’s a bit of denial until something is made real by looking at actual events on the ground and effects. So what you don’t want to do is wait until you’re attacked to realize that it’s real and to put a governance process in place. Luckily, some of the larger companies, their boards are imposing this, and that sounds like it’s a onerous thing. There is governance process by which companies really are holding themselves accountable to protect against these threats because of the negative impact on the business. What was the last part of that one, Ryan? Sorry.

Ryan Morfin:

Oh, just also touching on the fact that cybersecurity insurance is starting to sprout up as well.

Karl Wagner:

It’s about time for that also. I’ve got a soft spot in my heart for cybersecurity insurance guys and gals because when it first started that was hard to price, and it’s hard to know, really. We know the risks are out there. Until you get a good sense as actual events happen what the economic cost of it is you’re never going to be perfect on the pricing. So it’s changed a bit. It’s really maturing. I think this year, we’re finally starting to see some really more and more sophisticated cybersecurity insurance policies coming out that are well-priced. And, in addition, they come with some interesting services that really help you to put you in a better state so that it reduces your risk, which is good for them and good for you because to the extent they can help you locate your firewall, look at your open ports, go through some of these procedures. They’re going to be putting out less money in claims and you’re going to have better protection for your company.

              So I’m just delighted to see this maturing of the industry. And, yeah, I think it’s something that every company needs to be doing, is to review what kind of coverage they have now and to look at some of the exclusions and to just go out and shop around and try to find what would be the best coverage for them realizing that nothing is perfect. But if you don’t have cybersecurity insurance, when and if you get hit, it’s not going to be a pretty picture for you. And these companies can really, especially if they’re paired up or included, incorporate some technical assistance, can really put you in a good place and then you can sleep well at night hopefully.

Ryan Morfin:

So speaking of sleeping well at night, in your 29 years of government service, and thank you for your service, what are some of the biggest risks we’re facing as a country today and what keeps you up at night in the current risk environment that we’re in?

Karl Wagner:

Well, I mean, we’re seeing one that I think a lot of folks didn’t expect. I’d like to say I didn’t expect to. I knew we’d have a pandemic at some point. Why? Because I lived through the SARS. It wasn’t a pandemic but it was an epidemic in China when I served in China and it changes the way you think. So that change is happening now on a global scale. And we’ll be fine. I think this will be good preparation for us for a future pandemic that will potentially have a higher mortality rate, not to take away from how tragic this is. I lost a family member myself already to COVID-19 unfortunately.

Ryan Morfin:

Sorry to hear that.

Karl Wagner:

Thank you. I guess one way to think about this is I believe that the cyber realm, if you know about Maslow’s hierarchy of needs, it’s not that new. We’ve had the cyber realm for a while but it mixes in interesting ways with the physical realm. We have whole online personas, right? And some of us act in a different way online through avatars than we do in the “real world.” There’s there’s money, cryptocurrency out there, it’s about as real as it gets but it’s in the cyber world. The reason why I’m talking about these two different worlds is because much of the way we interact now going forward is going to be through virtual interactions and those open us up to a lot more disruption from cyber criminals and cyber harassers, so to speak. And so there’s a merging of these worlds. I think it’s good. I mean, there are plenty of upsides to it. It’s great that we have all this technology.

              Imagine in 1918, if we had lived through that crisis, they didn’t have this. So there are different ways to connect. So we’re rethinking that. But another thing I like to just put out as a foundational thought piece is, I like to think of some of these supernational companies such as Amazon and Google as nation states. They’re digital nation states, and to the extent that you use Amazon, or you use Google, or maybe you’re an Apple guy or gal, maybe you’re Microsoft, you are part of a tribe. And the digital world right now with these nation states is really more feudalistic. So if you think back to feudal times, you’d belong to a tribe and maybe you align yourself with your tribe and you had a fort that protected you. But there is some freedom in jumping outside your fort and leaving your tribe and roaming the hills on your own, except you’re exposed to all these threats as well.

              I just think that it’s an interesting way to think about the state of affairs in the digital world, because I think it prepares you more for the idea that there’s a lot of chaos out there and a lot of threats, and think about which tribe you’re part of. I’m not saying any one tribe is bad, but when you think about the incentives for those tribes, they go beyond American incentives or Chinese or Russian. They have their own incentives and just know what the privacy versus security incentives and guidelines and policies are for your tribe and decide intentionally whether you like that tribe or whether you want to go out on your own a little bit and realize that there’s some chaos out there and prepare to protect yourself. It’s a little ethereal, I know, and philosophical but maybe that helps frame the way you think about the cyber world.

Ryan Morfin:

That’s a great analogy. One final question is, a lot of people talk about the intellectual theft, intellectual property theft, that’s going on between the U.S. and China. You served in Asia, how big of an issue is this and is it something that the country will ever recoup from as it relates to just actual dollars stolen?

Karl Wagner:

Yeah, I think it’s a huge issue. I don’t normally name China. I know there is this theft coming from China. Maybe I’m comfortable naming China and then calling it out as long as we caveat it by saying China’s a huge country with many layers of society and many layers of government. This is a known tactic of the Chinese intelligence services and the Chinese central government so I don’t think that we should paint all of China with this broad brush. There’s a lot of great Chinese Americans or Chinese here helping us develop incredible technology. But it is true that whether it’s China, Russia, or other countries I could name but I won’t, we need to think about protecting those crown jewels. And in some ways our society is not ideally set up to do it because we have really more of an open, and I love that kind of society, and I’m proud to be in it and I don’t want to change that per se, but we just need to be smart.

              I liken it to, I might have a neighbor, maybe my neighbor is a criminal, or maybe my neighbor’s son is a criminal. I don’t hate my neighbor. My neighbor is a great guy but I’m not necessarily going to invite him in my house and then open up my wallet and say, “Here’s how much money I have. Here’s where my accounts are.” But I can engage with him and really enjoy it and be a better person for it and help him with all kinds of things without doing that and still be careful about what his son is doing, right? So just think about it. It’s not black and white. We need to be able to do hold two seemingly contradictory concepts in our mind at once. But they’re not contradictory. You can be targeted by the Chinese Intelligence Service that may want to steal your intellectual property at the same time that you’re doing a joint venture with a company in China.

              So you’ve got to be smart. You’ve got to be smart about leveraging the global nature of our economy and engaging Chinese partners if that’s important to your business model, while at the same time not letting all your IP ne walked out the back door while you’re not watching.

Ryan Morfin:

Well, that’s a message that more America and more corporate America need to hear more about. But I appreciate you joining us today, Karl. Thank you for the time and look forward to connecting again with you soon. Appreciate you.

Karl Wagner:

Thanks, Ryan.

Ryan Morfin:

Thank you. Thanks for listening to Non-Beta Alpha. Before we go, please remember to subscribe and leave us a review on Apple podcasts or our YouTube channel. This is non-paid album. Now you know.

 

Download Transcript

Share This Episode

Subscribe To Our Podcast!

COPYRIGHT 2020 ALL RIGHTS RESERVED. THIS DOES NOT CONSTITUTE AN OFFER TO BUY OR SELL ANY SECURITY; INVESTMENTS IN SECURITIES MAY NOT BE SUITABLE FOR ALL INVESTORS. AN INVESTMENT IN ANY SECURITY MAY INVOLVE RISK AND THE POTENTIAL LOSS OF YOUR INITIAL INVESTMENT. INVESTORS SHOULD REVIEW ALL “RISK FACTORS” BEFORE INVESTING. INVESTORS SHOULD PERFORM THEIR OWN DUE DILIGENCE BEFORE CONSIDERING ANY INVESTMENT. PAST PERFORMANCE IS NOT INDICATIVE OF FUTURE RESULTS. INVESTMENT PRODUCTS, INSURANCE AND ANNUITY PRODUCTS ARE NOT FDIC INSURED/NOT BANK GUARANTEED/NOT INSURED BY A FEDERAL GOVERNMENT AGENCY/MAY LOSE VALUE. SECURITIES OFFERED THROUGH CABOT LODGE SECURITIES, LLC [CLS] MEMBER FINRA / SIPC 200 VESEY STREET, 24TH FLOOR, NEW YORK, NY 10281, 888.992.2268.

Recommended For You

View Transcript

Ryan Morfin: Welcome to Non-Beta Alpha. I'm Ryan Morfin. On today's episode, we have Pini Althaus, CEO of USA Rare Earth, talking to us about the supply chain glut in rare earth minerals. This is Non-Beta Alpha.

Ryan MorfinPini, Welcome to the show. Thank you for coming on today.

Pini AlthausThank you for having me, Ryan. Good to be here.

Ryan Morfin: So you're an investor and a miner in rare earth minerals. Can you share with our listener base, what are rare earth minerals? Why are they important and why is there a geopolitical race going on globally?

Pini AlthausYeah, I mean, rare earths are an extremely ubiquitous part of all advanced manufacturing or technology manufacturing today's day and age. Several years ago, I had not heard too much about rare earths myself. I was not that familiar with it and being involved in this sector, in this company, for the past few years has given me an education of course. And I mean, I was sad to hear that 50% of all imports into the United States contain are earth elements and it runs the gamut from consumer electronic devices that we use every day. Our cell phones, our laptops, most communication devices, medical equipment. So there's a tie with COVID, which we can touch on at your discretion. Electric vehicles, defense equipment. So pretty much anything or everything high tech today has a rare earth element or critical minerals contained within them.

Ryan MorfinAnd what are some of the names of some of the more important rare earth? I know there's lithium for batteries, but what else is considered in this category, critical?

Pini Althaus: Yeah, so lithium is a separate category to battery material. The rare earths are 17 rare earths. The four, let's call it, key rare earths that we're focused on at our company, the four rare earths that go into the permanent magnets. And these are the magnets that are found, there are a number of them in your back of your cell phone or an iPad. But if you look at an F35 striker jet, you've got about a ton of rare earth magnets in those. And we've got two heavy rare earths and two light rare earths is part of the permanent magnets. You've got dysprosium, ytterbium are the heavies, and then you've got neodymium, praseodymium as the two light rare earths. So those would be key rare earths that are the focus.

Ryan MorfinAnd you use these in, I guess, in military applications as well, but historically, where has the United States sourced the rare earth for supply chain?

Pini AlthausYeah. And that's the shocking part. We've been securing those materials from China. So China controls the rare earth sector and has done so for the past 30 years or so. And it was a significant misstep on the part of the United States, allowing China to have this control. And actually this wasn't a question of China coming in and doing anything nefarious as far as stealing IP or anything. The US government made a conscious decision about 30 years ago to allow China to come to the United States and acquire the processing capabilities for rare earths. So just as part of some background, you've got the rare earth materials containing various mining projects, but once you extract them, you have to then process them and they go through certain phases before they get to the magnet phase. And China, the thought process was let China do the mining, let China do the processing.

Pini AlthausWe don't need to do that here. And we'll buy the materials from China cheaply and the premier of China at the time, Deng Xiaoping made the comment, he said, "The Middle East has oil. China has rare earths." And unfortunately we weren't smart enough to understand what he was saying. And the Chinese understood that the future of manufacturing is going to revolve around control of the rare earth and critical mineral supply chain. So if you think about it today, Ryan, we cannot build... Forget about consumer electronics and medical equipment. We cannot build the equipment that the US Pentagon or the US armed forces require, whether it's F35 fighter jet, Tomahawk cruise missile, communications equipment, without going to China and obtaining those materials. And it's obvious to all that this should be extremely alarming. We've seen China use this as a weapon, if you will, as far as how it interacts with other countries back in 2010, when there was a dispute between China and Japan on the East China Sea.

Pini AlthausSo China cut off rare earth exports from Japan for 40 days. Japan obviously being a significant user of rare earth elements for their high-tech manufacturing sector, that was stopped after 40 days. But in fact, it was President Obama that first made the United States aware of this, formed a division within the Department of Defense to handle this issue, but not much has happened. And we continue to be relying on China for these materials. And what has been made about trade war with China and whether the trade war is really the impetus for China withholding rare earth exports. And that is a huge misnomer. Whilst China had been talking or implying that they would cut off rare earth exports, the truth of the matter is that China, under it's made in China, 2025 mandate, its belt and road initiatives and others. And you seem to control the critical minerals and rare earth supply chain so that it can continue its dominance as a manufacturer or a global supplier of these materials and finished products.

Pini Althaus: It's the backbone of its economy. And in fact, China has become a net importer of rare earths from different countries like Miramar and others. So with that, they are decreasing the exports to countries like the United States, Japan and others.

Ryan Morfin: And was it ever a risk that the Chinese were going to turn off the exports of rare earth to the US during the trade war? How close were we to that? And was that ever some saber rattling that went down during trade negotiations?

Pini AlthausYeah, I think it was saber rattling. I think it would be paramount to an act of war. I can't say with any authority that that would not happen, but it would be probably, aside from war itself, it would be one of the most significant acts of war cutting the United States off from the ability to procure rare earths. But that being said, I mean, if you look at, as an analogy, the oil and gas sector and the reliance of the United States had for many, many years on OPEC countries to supply us with the oil. And we had embargoes and we had price manipulation by OPEC. This is far more significant given the ubiquity of where these rare earths go. And yes, we're always under the threat that China can cut off exports under the guise of a trade war or for any other nefarious reasons.

Pini AlthausBut I think even more importantly, to just as the natural run of the course of things with regards to their business and their desire to maintain themselves as the global leader in manufacturing and exporting of goods, China is in a position now where it actually requires these materials for their own domestic consumption and can legitimately cut off rare earth exports by stating that they need it for manufacturing and that would actually be somewhat correct. So we're in an extremely dangerous position here with this reliance on China. And it wouldn't just be China. If it was another country, it would be similar issues, not to the same extent, but reliance on one country for these materials is dangerous.

Ryan Morfin: And it's been mentioned in the past that in 2010, China flooded the market to really kill all the competitors in the rare earth mining industry. Where was the World Trade Organization during this period? And how did that play out and how does that set the chess board for China to run the tables?

Pini Althaus:

Yeah. So the WTO stepped in when China cut off rare earth exports from Japan, I think it lasted for about 40 days because the US and Japan protested the WTO, and they stepped in and China resumed exports. While I'm not an expert on these trade matters, one thing that I am aware of is that one of the reasons why China had to resume the export of rare earths was it did not legitimately need all the rare earths for domestic consumption. So therefore it was a nefarious act, if you will, to cut off rare earth exports. Now that has changed, which means China have to cut off rare earth exports today, they have a legitimate case to say that they require these materials. There's a shortage of these materials and they require them for their own domestic purposes. It is the backbone of their economy and there's very little we could do about this today, which is why it's becoming an even more urgent issue.

Ryan Morfin:

And the US government started stockpiling some of these after that incident. Can you talk a little bit about what DOD and DOE has done to start making sure that there's not a critical supply shortage going forward, and is it enough?

Pini Althaus:

Yeah, again, there is a national defense stock pile, and there are materials still that the United States needs to procure in order to shore up its stockpile. There are magnets, the finished magnet products as well, the United States government needs to stockpile. Again, there's a limited amount that the United States government has. It requires approval from Congress, whether it's in the NDAA or other approvals from Congress, to allocate monies for the national defense stock pile of these materials. That being said, there's no endless supply of these materials. And unfortunately, the apparatus, the way it's set up right now with the US government, it's going to continue to require having a secure supply chain of those materials for many, many years to come. So it's not a question of stockpiling for 10 or 20 years, and then this complacency and saying, we'll kick the can down the road. But keep in mind as well, Ryan, that US government accounts for low single digits of overall rare earth imports into the United States.

Pini Althaus:

We're talking about defense contractors, we're talking about the manufacturing sector. The direct impact this has on the economy, jobs, the automotive sector, and others is significant. So it's not just limited to the United States government. If you look at over the past couple of weeks, the sanctions that China have put on Raytheon, Boeing, Lockheed, et cetera. I mean, the question is where are they going to get those materials? And if we go beyond that, you need rare earths for the 5G network. Now that Huawei has been banned from installing the network, not only in the US but other countries, we have to have the ability to get a secure supply of these materials as well. Which currently, again, trying to control the hundred percent. So it runs across the board, both for government, defense and manufacturing in this country.

Ryan Morfin:

Well, and so help me paint a picture for our audience. Does China have all the mines for rare earth, or they're the only ones who started mining it? Or are their mines globally dispersed and nobody's been doing the actual infrastructure to do the mining?

Pini Althaus:

Yeah. So finding rare earth projects or rare earth elements is not the difficult part. It's finding them in significant quantities that makes a project economically viable. And part of that consideration are the environmental rigors that companies in the West have to adhere to. And China, even by their own admission, have had a complete disregard for mining these materials and even for processing these materials. And in fact, just the last week or so, the BBC did an expose on this, 60 Minutes has done an expose on this. But the Chinese have not denied this and have talked about cleaning up their act, but it has an effect on the bottom line for what the costs of mining and processing are if you have no environmental standards to adhere to. So China have exploited those rare earth projects they have, primarily in inner Mongolia, and have brought a number of projects online and quite quickly, and in a significant way, with a complete disregard for the environment.

Pini Althaus:

So it was seen as an environmental no-no in the West for many years. Now, what's happened over the past few years is you're starting to see rare earth projects in different parts of the world sprout up. You've got the Mountain World project in Australia owned by Linus, which is a producer of Nd and Pr, neodymium and praseodymium. So two of the light rare earths. They may have some heavy rare earths coming online at some point in time. And you've got Arafura, which is another company in Australia that we're working with to assist them with their processing so they don't have to send the materials to China for processing. But really these are a drop in the bucket for what the requirements are for the United States. And certainly what the requirements are for allied countries, the EU, et cetera. So there is a race, if you will, worldwide to start bringing projects online. The Chinese are very active in trying to secure assets outside of China.

Pini Althaus:

So in Africa. They have ownership of a project in Greenland. So there is somewhat of a race. The Australian government has stepped in and has started limiting the ability for China to own, or have ownership in, or off takes for the Australian rare earth projects. And that's part of the strategic Alliance between Australia and the US. Canada, similar thing as well. There are a number of projects that are looking to come alive, but these projects are, for the most part, will take many, many years to come online. We have to expedite the process. We have to assist with a [inaudible 00:14:41] supply chain and the domestic rare earth sector, because previously investors have been scared off by things like China flooding the market, which is not a possibility at this point in time, given that China can't actually afford to flood the market. They are already very heavily subsidizing their mine to magnet supply chain there.

Pini Althaus:

This is more now a case of being able to get production from non-Chinese sources so that the United States and allies have a viable, secure supply chain of these materials. And it's a concern worldwide. We speak to governments all over the world, and we're all facing the same issue. Some more than others, especially countries like Japan, that don't have their own rare earth projects there and are reliant on Australia where they've made some investments there. And in the United States, they've made an investment recently in Africa. So there is this race, if you will. And I think we've got a five-year window here to at least stand up a few projects worldwide. Otherwise we've lost this race and we will be dependent on China for many, many years to come. And Ryan, it's a bit of a hypocrisy. If you look at it where you've got materials going through clean, green energy applications, like electric vehicles, wind turbines, et cetera.

Pini Althaus:

That we're sourcing these materials from China, where they've, again by their own admission, has been complete environmental devastation to water bodies around these mines and processing facilities, to the communities. People have been getting sick around these projects yet we're putting these materials into our electric vehicles or wind turbines. It makes no sense at all. And people are starting to wake up to this. And that's why the sector is starting to see a lot of support come out of Congress and bi-partisan support. And in fact, it's one of the only bi-partisan issues right now in Washington. And it's good to see that some things decided to move in the right direction.

Ryan Morfin:

And is there a special process? You talk about the expense, is it really difficult to mine these? You have to go through a special chemical process to extract and clean and purify. Is it a lot harder than, say, gold or silver or some of the other, we'll call, more traditional elements?

Pini Althaus:

Yeah. It's all about the processing to some extent. So if you look at MP Materials in California, which used to be Molycorp before they went through their bankruptcy. They are a miner of Cerium and Lanthanum, which are two of the light rare earths, the lower valued light rare earths. Given that they do not currently have processing technology, they are sending those materials to China for processing where China is tariffing those heavily. Linus is also, they're doing their processing work in Malaysia and elsewhere. So it's really about the processing at this stage. One of the things that we've done, after we put out our PDA last year with our upgraded resource, which now includes a significant amount of lithium. We make a decision that, based on the test work that we had done around our processing methodology, that we were not going to send our materials to China. That it's paramount for us to do this work in the United States and in a collaborative effort as well.

Pini Althaus:

We've been asked by some of our investors, "Well, why would you be looking to help other projects with their processing?" And the answer is simple. There's no one project or one company that's going to put China out of business or make a dent, or somehow be able to take care of the overall demand worldwide for rare earths and critical minerals. And it's very important for us to have processing capability in the West. So that was the impetus for us opening up our own rare earth and critical minerals processing facility earlier this year, which we did in Wheatridge, Colorado. And in fact, we've made some significant progress on the method that we're using for this. And we're starting to collaborate with Australian companies, Canadian companies. We're currently talking to a group over in Europe as well, because this has to be a collaborative effort.

Ryan Morfin:

How does Europe solve for these problems? Do they have this better under control than the US?

Pini Althaus:

No, they're in a far worse position than we are. The EU commission recently put out a report, I think, a couple of months ago that the requirement for rare earths is going to increase tenfold within a short period of time. Lithium 18 times. They don't really have rare earth projects. Again, there are the Greenland projects, which people have heard in the news recently. Those need to further development work so they don't have rare earth projects ready to come online there. There are a couple of lithium projects that are spread around Europe, but for the most part, Europe is in an even more precarious position. If you look at Germany with the auto manufacturers, you look at the big companies like ThyssenKrupp and others, all these countries and companies are looking for alternatives to China, because we've already seen in the news about China withholding or reducing exports of some of these rare earths that are required for these industries.

Ryan Morfin:

And you mentioned earlier the regulatory posture of the US makes it difficult to mine. Is it becoming a more bi-partisan issue that we need to maybe relax some regulation around the mining exercise, to incentivize private sector to come in and start producing this? Or is the Republican party versus the Democratic party on two separate pages of music?

Pini Althaus:

Yeah. Good question, Ryan. I mean traditionally the Republican party is obviously being more pro-mining and in favor of less regulation when it comes to these things. With regards to our project, we're on Texas state land. So we don't trigger federal environmental permitting at this point in time. And obviously Texas being Texas, a mining state and oil and gas state, things are a lot easier in Texas than they are on projects on federal land where the Bureau of Land Management controls the environmental process around that. But the thing is here, and I don't want to step into what other companies are doing, et cetera, but we do need to be reasonable about allowing projects to come online if they're adhering to environmental standards that are acceptable worldwide. And what we do know, is that China is destroying the environment and cities and water bodies around their mines and processing facilities.

Pini Althaus:

We have standards here in the United States, and I think what we need to do is make it easier for companies to mine, while at the same time protecting the environment. And there are ways to do that. And we're definitely seeing buy-in from Congress, from both sides, with regards to looking how we can stand up a secure supply chain. And, obviously under the Obama administration, they had very strict regulations when it comes to mining. And that's changed under the Trump administration. Hopefully what we start to see is some normal middle ground that'll allow other projects to come online.

Ryan Morfin:

And typically in these rare earth mines, is it amalgamation of different minerals that are all consolidated together and you have to separate them out? Or do you ever find pure play, Europium, I can't even pronounce some of these. Gadolinium, Cerium. I mean, are they all mixed together and you've got to filter and sift them through, or are they pure play mines?

Pini Althaus:

No, they're generally they have a mix. So they're polymetallic projects. They have a number of different materials. Some projects, you more to what we call the light rare earths like MP in California or Linus in Australia. Our project is actually on the opposite end of the spectrum. We have a very high concentration of heavy rare earths. That being said, we do have to go through a process of separating these materials. But the case of our project where we've got 30 materials. We're not going to produce 30 materials. We're not going to market 30 materials. So what we're doing is we're focusing on the key materials that are marketable, that we need for permanent magnets, lithium as well, and working on the separation and the optimization of those materials in particular. But we're all faced with the same processing challenges and that is something that can't be set.

Pini Althaus:

There's no easy way to do this. There are different technologies that have been used in different parts of the world. So predominantly there's a process called solvent extraction, but it's big, it's bulky, it's not benign. It's a bespoke solution for one particular project. So it doesn't work for feedstock from other projects. What we've done is we're using a processing technology that's actually been around since the 1940s. It was part of the Manhattan Project. It's called continuous ion exchange. In fact, the Chinese use it to increase the purities from 99.99 to four nines, five nines, and even six nines. So for some applications you require higher purity levels. It's a far easier processing method to scale up and to take feedstock from other projects. In fact, we've demonstrated for the Department of Energy that we can take coal waste from Pennsylvania and do high purity separation of rare earths using our processing methods. So it's not a step that can be skipped unless one needs to send it to China for processing, which is not going to help us with our objectives here.

Ryan Morfin:

How many other, we'll call it, going concerns on any other businesses that are doing this, that are trying to, I guess, start the development of these mines. Are you guys one of a few or are you one of many? And is it an international or just a US game? Who's leading the charge at going after this?

Pini Althaus:

Yeah, well, I'd say the Australians are leading it outside of China right now. You've got some really good projects in Australia. Again, more skewed toward the light rare earths. There's one more heavy rare earth project in Australia, which is not yet producing. The United States, you've got MP Materials, you've got Ucore in Alaska, you've got the Bear Lodge project in Wyoming, which is also another light rare earth project. So as far as a heavy rare earth project that looks like it will come online in the near term, that would be our project. In Canada there are a couple of projects there as well, and again, more skewed toward the light rare earths. But we really need to get as many of these projects online as possible. Because again, I don't see it as competition. We all have a problem doing supply agreements or offtake agreements for our materials.

Pini Althaus:

In fact, one of the things that we're going to have to consider is looking at potentially scaling up our production, based on the demand that we're already starting to see. And I think other companies would find that as well. So it's all about the economics of the project. You have projects that were economically viable back in 2012 or rare earth prices with 35% or so higher than they are today, and are not necessarily viable today. So that's the challenge as well, economically viable projects. And we've got to get as many of them online as possible. It takes many, many years. I mean, our project has had over $70 million put into it to get to where we are today, and we're close to getting to the production scenario. It all revolves around processing at this point in time.

Pini Althaus:

We'd be very happy to see another couple of projects come online, because this is extremely important for national security and for the economy as well. I mean, if you think about it, Ryan, if you've got a billion dollars of rare earth materials, that translates into a trillion dollars or I should say trillions of dollars of finished product. So you've got a magnet in your phone there that's worth a couple of dollars and the cell phone's a thousand dollars. And electric vehicles and defense applications even more.

Ryan Morfin:

Yeah, everyone has one of these iPhones now, and there's tremendous amounts of rare earth on the circuit boards here. And I think people take it for granted that that supply chain is not secure right now. So one question for you, there's talk of this maybe medium term to longterm, but there's talk about mining in space. Do you think that's a feasible option in the longterm, medium term? What are your thoughts on that?

Pini Althaus:

No, that's just ridiculous. I mean, we're trying to find ways to make mining on earth economically viable. I think the cost of going up to space would be more than what our capex will be bringing our entire project into production. I mean, we've got about a 350 to $400 million capex to bring 130 year mine life into production. I'm not an aerospace expert, but I think sending a rocket, building a rocket ship and sending it up, I think maybe on the fuel alone, you could bring a couple of projects into production. So unless we have a fortunate situation or an asteroid lands on earth, and fortunate if it lands somewhere where we don't care, I don't see how that happens. And if it's big enough, it's a problem as well. It's nonsense. And even, options aside of the deep sea mining for rare earths, I mean, you've got all sorts of environmental issues around that as well. I think we need to look at projects that we can bring online, that can be done so in an economic way, that can be done so in an environmentally responsible way.

Pini Althaus:

I mean, one of the things that we've done at our project is we've got in excess of 60% of the materials that have come out around top, will have a clean green energy applicability to them. So we're using the benign processing method. We're going to be using renewable energy on site. In fact, we will likely be putting a solar farm on site as well. We've talked to a couple of companies that have approached us about that, and we'll be a net producer of power for the surrounding area. So there are ways to do it which don't affect the environment. Obviously if there's a project that's situated on a sensitive area, that's a unique situation for that specific project. We've seen it with the Pebble project, which is not a rare earth project. The Pebble project in Alaska where their environmental concerns is we've been recognized by both Republicans and Democrats, but we have to be reasonable about the projects that don't have environmental concerns.

Ryan Morfin:

So Pini, in season two, we ask all of our guests a series of six questions. They're usually, yes, no questions, but trying to take a survey of our conversations. And if you want to add a little context to the yes or no, feel free, but here goes the first question. If there was a COVID vaccine available today, would you take it?

Pini Althaus:

Yes.

Ryan Morfin:

Who do you think is going to win the election?

Pini Althaus:

Which election?

Ryan Morfin:

The US election.

Pini Althaus:

Well, I think it looks like Joe Biden's going to win it, but I think what happens, if we go past January six from my understanding is that the house will vote on it and it's one vote per state. But I don't know if I see it getting there at this point in time. I really don't have a crystal ball.

Ryan Morfin:

Third question. What type of economic recovery are we in? What type of shape is it taking? A V-shape, W, U, L?

Pini Althaus:

Yeah, I think 2021 is going to be challenging. I think we've been, and rightly so. I mean, we've had no choice as of almost every other country. We've been printing money for the past year because of COVID. And I think we've got to brace ourselves that, at some point in time, the chickens come home to roost. It was a necessary step. People needed it on an individual level. Businesses needed it as well, but I think we've got to do whatever we can to stimulate the economy, give people confidence to go out and work again, employ people. So I think we've got to watch ourselves, especially in 2021. And I have some concerns, but long-term, I think the approach in the United States is a healthy one.

Ryan Morfin:

During lockdown this summer and quarantine, was there anything in particular that you accomplished that you're particularly proud of?

Pini Althaus:

Yeah. A great amount of family time, which, if you would've asked me a few years ago if I could sit at home and be at home for six months, I would have told you absolutely not. I wouldn't be able to do it for six days, but it has... I'm sure it's done this with a lot of families as well. It's brought families together. We had a baby actually last year on Thanksgiving. So I was doing a lot of travel at the time and thought I wouldn't get to see my daughter in her first year or couple of years too often. And being home with her every day is actually been just the most amazing experience. So thankful at least for some silver lining in COVID.

Ryan Morfin:

Are there any silver linings that you see in the economy going into 2021?

Pini Althaus:

Yeah, I think we've gone through an absolute beating and it looks like we've got the ability to come out of it. And I think that's a testament to how strong the economy was built up in the years preceding COVID. So overall I remain an optimist. I mean, we are a country built on opportunity and going out and making it happen. And we're not a socialist country sitting and waiting for people to send us paychecks or wealth distribution or anything like that. I think the American dream still lives on. I think if you go out and you're willing to work and put your head to it and heart in it, I think we do have the ability to climb out of it. So if we look at what the economy is doing over the past few weeks, it looks like it's starting to rebound. And to me, that's assuring because it could go completely one way as well.

Ryan Morfin:

And the last question is, is there anything that you're watching, or listening to, or reading today that has been impactful on your thinking that you'd like to share with our audience?

Pini Althaus:

Yeah, that's a good question. I think it's been more personal stories. The news, I sort of take that in context or with more than a grain of salt. In some cases stay off the news channels for a number of days at a time, it became quite repetitive. But I think on the personal side, talking to friends, my family's all back home in Australia, they've just come out of 110 day lockdown, which we can't relate to that. It's been very trying on them and seeing the fortitude that they've had to come out of that and stay intact. I think the mental health issues that will come out of COVID are going to have a far longer effect than the economic issues. I think we're going to have to focus on mental health issues in this country for a long time to come.

Pini Althaus:

The impact on kids has been significant with regards to lockdown or remote schooling, et cetera. But to see people come through it. I think it's a testament to people in general and to the country and other countries as well, to see got that fortitude and survival instinct to try to get through whatever adversity we can. So hearing the personal stories, the challenges that people have gone through, I think it's made me a lot more aware of things that I have to be thankful for and where we can help out other people as well. I think we have to be united going forward because there are things...

Pini Althaus:

I think one of the things that COVID has shown us is we can get into this complacency and life goes on and we go one day to the next. And all of a sudden we get hit by something that affects everybody equally. I mean, COVID, whilst there were groups of people, whether it was the elderly or people with underlying health conditions, that got hit the worst. I mean, we all got hit in some form or another. So really, this should be something that unites us, not divides us.

Ryan Morfin:

Well, Pini, I appreciate you coming on today to talk to us a little bit about the supply chain crimp on rare earth and we'll definitely keep an eye on it and would love to have you back in the future.

Pini Althaus:

Thank you, Ryan. Thanks for having me.

Ryan Morfin:

Absolutely. Thank you. Bye-bye. Thanks for watching Non-Beta Alpha. And before we go, please remember to like, and subscribe on Apple podcasts and our YouTube channel. This is Non-Beta Alpha, and now you know.

 

The unique history of a Maryland based distillery and craft secrets on how to make great American Bourbon w/ Admiral Scott Sanders Founder of Tobacco Barn Distillery

The unique history of a Maryland based distillery and craft secrets on how to make great American Bourbon w/ Admiral Scott Sanders Founder of Tobacco Barn Distillery

The unique history of a Maryland based distillery and craft secrets on how to make great American Bourbon w/ Admiral Scott Sanders Founder of Tobacco Barn Distillery

read more

Want to join our show?

Would you like to be a guest on the Non-Beta Alpha Podcast? Please click below and let us know that you are interested in being a guest on the podcast and we will get back to you shortly.

Skip to content