“Decoding Political Violence with OSINT and Lessons from the Frontline”

Join deep dive: Wed, Dec 18, 16:00 CET
15 Jul 2023

The Pivot Podcast: Exploring the World of Geopolitics and OSINT with Kevin Limonier

Maltego Team

In this episode for The Pivot podcast, we welcome Kevin Limonier!

Kevin Limonier is an expert in geopolitics. He holds the position of an associate professor in Geography and Slavic Studies at the French Institute of Geopolitics (Paris 8 University), serves as the deputy director of GEODE, and is a founding partner of Cassini, a company specializing in cartography and territorial intelligence. Previously, he worked as a lecturer at the Russian State University of Humanities (RGGU, Moscow) for several years.

As a specialist in the Russian-speaking internet and territorial innovation policies in the USSR and contemporary Russia, Kevin’s geopolitical research focuses on developing new methods of mapping cyberspace, particularly in the post-Soviet context. He is also interested in the methodology and epistemology of geopolitics.

In this episode, we delve into a variety of topics ranging from the meaning of OSINT within the field of geopolitics, the current limitations of OSINT, and some emerging challenges as the world and the internet rapidly evolve. We also discuss how authoritarian states, such as Russia, control their internet and its evolution over the years.

Listen to this podcast episode on Spotify, Apple Podcast, Google Podcast, or the Maltego YouTube channel!

The Pivot: Your New OSINT and Infosec Podcast 🔗︎

Brought to you by Maltego, The Pivot is your OSINT and infosec podcast that dives deep into topics pivoting from information security to the criminal underground. Through The Pivot episodes, we aim to share insightful information for beginners and seasoned investigators alike, shedding light on all things OSINT and infosec from an insider’s perspective. 

Each episode features one or two of Maltego’s Subject Matter Experts as the host and an external expert, researcher, or industry leader invited to share their projects, stories, experiences, and advice. 

Where to Listen to The Pivot?  🔗︎

The Pivot podcast is available on Spotify, Apple Podcast, Google Podcast, and the Maltego YouTube channel. Each episode is 45 to 60 minutes long and is released on the 15th of every month. Stay tuned with us for more updates! 

Tell us about your work, how OSINT got into your way, and how you use it in your work! 🔗︎

Kevin: I’m a geography specialist working on Russia. At the very beginning, I was writing my Ph.D. dissertation in Geography. The topic was about the 10 closed former Soviet cities that were opened after the collapse of the Soviet Union, and I studied how these cities reopened and survived the shock therapy, the conversion, the capitalist system, and so forth.

I lived in some of these cities for about a year. When I was there, I discovered very interesting things about the Russian internet and the fact that, for example, there were two digital networks in some of these cities. The first one was the global internet, and the second one was a kind of local network at the size of the city. I was very astonished by this discovery because this doesn’t exist in Western Europe and France. I met a lot of Russian people, including programmers and hackers, and learned the unique structure of the Russian internet.

Around 2011 and 2012, I decided to focus my research on the Russian digital network architecture, its impact on geopolitical consequences, and the way different actors investigate the network. That was the first time I used digital footprints, trying to cross and analyze them back in the time when nobody would call it OSINT. OSINT was non-existent at that time, but a lot of people like me did it without knowing we were doing OSINT since everything changed during the past 10 years.

Later, we realized that digital investigation was not only a hobby for geek people but also a way of understanding and collecting information that was not supposed to be public. It is a very important topic regarding investigative journalism and geopolitics when you have people like Navalny being able to identify the guys who poisoned him just by doing some basic OSINT.

How is OSINT used in geopolitics? 🔗︎

Kevin: It’s a vital tool for geopolitics nowadays. As a geographer, I’m interested in understanding and mapping the physical world, and for me, OSINT is a set of tools that can be used and mobilized in order to find out how power shapes sub-territories, and we perfectly see that in Ukraine today. We have a lot of OSINT communities trying to identify some war criminals, which Russian regiment did what, or which Wagner Group soldier killed somebody.

All these investigations are very useful in order to learn about geopolitical conflicts as we are in a deeply digitalized society where almost nothing happens without the intermediation of a smartphone, a computer, or a digital thing. Nearly every of these intermediation actions generates digital footprints, and some of these digital footprints are open source while others are not. However, harvesting and trying to understand them can help you to have a better view of a geopolitical situation since there is no geopolitical situation in 2022 that does not generate digital footprints.

Do you think sometimes OSINT can be used for political leverage? How would the states employ and insert it in a global geopolitical context? 🔗︎

Kevin: Let’s first talk about what geopolitics is. Geopolitics is a scientific methodology used to understand how some groups, such as states, non-state actors, terrorists, you name it, establish territorial control on a given surface of the earth. Establishing territorial control is, most of the time, a matter of controlling networks, which is not something new. For thousands of years, when you want to take over a territory, you firstly occupy the networks that shape this territory, for example, the railroad system, the road system as well as the non-physical networks such as the political networks, the information networks, the power networks, and so on.

Basically, everything in geopolitics is about controlling the networks. What’s new today with the digital revolution is that most of these networks are at some point digitalized. I would say physical networks are also partially digitalized. There is no power grid working, for example, without computer science today in Europe at least. All these digitalized networks and its activities produce some information. This information and these digital footprints can be of use not only for comprehending what is happening on the ground like we see in Ukraine but also for highlighting how a given actor is either winning or losing ground. We see today that digital investigation is crucial to point out the crimes that are committed by the Russians in Ukraine. This is something of very vital political significance because now you are able to establish a regime of truth by showing and demonstrating who is guilty of what.

We can see today, for instance, on networks such as Telegram, you have a real war between collectives and people doing OSINT and supporting Ukraine on one hand. On the other hand, people are doing the same for the Russians. Everybody is pushing their narrative and their own interpretation of, sometimes, the same facts. This is a new way of telling who is right and who is wrong, and it’s something deeply political. Nevertheless, it could also be a danger to democratic processes seeing that OSINT interpretations can be very objective, and sometimes it is so technical with the technicality being pronounced that it is a problem for bringing it to a wider audience.

You wrote a paper about the entrepreneurs of influence from Russia with a focus on those in Africa. Could you elaborate on that? 🔗︎

Kevin: Our purpose was to analyze the new activity of Russian actors in French-speaking Africa, especially by investigating their digital footprints with OSINT. We wanted to know how some of the actors, like Yevgeny Prigozhin, make their way to gain popularity worldwide as well as how these people arrived in Africa, what they were doing, and so on. We couldn’t do physical investigations for obvious reasons. Instead, we looked into their activity in Africa for about two years. With all the OSINT investigations and analysis, we were able to identify some behavioral patterns of these people.

What we noticed is that most of these Russians who were beneficial for reestablishing Russian influence in Africa were doing it for business and they were indirectly linked to the Russian government. That’s why we forged this concept of entrepreneur of influence because we wanted to show how these people accompany the return to the geopolitical comeback of Russia in Africa by making money, political contacts, or what we call capital in sociology, for example, a political capital, symbolic capital, or an economical capital.

How does this whole system of entrepreneurs of influence function? 🔗︎

Kevin: When we investigated these people, they were independent and not officially associated with the Russian government. What we did notice is that the business model of such entrepreneurs in Africa was based on three pillars.

The first one was information influence and information operations. People like Prigozhin are experienced in information manipulation. They started it during the demonstrations organized via social networks back in 2011 and 2012, which was the very beginning of information manipulation sponsored by the Kremlin. In 2014, during the Maidan Revolution in Ukraine, the annexation of Crimea, and the beginning of the Civil War in Ukraine, these people were once again noticed. Later in 2016 marked the apotheosis of these people as they practiced some election meddling during the 2016 US election and were officially indicted by the FBI in the Robert Mueller report. After 2016, Prigozhin and all these people doing information manipulation were looking for a new place for making profits, knowing that the USA was no longer the place for them as a result of the considerably growing awareness of the FBI and the federal government. They arrived in Africa, particularly the French-speaking regions, with the offers of information manipulations, manipulation of elections via social networks, and so forth.

The second pillar is the security management and what we call private military companies (PMC) or mercenaries. Wagner, which is actually not a company, but a bunch of companies claiming to be Wagner, provide military protection to unstable African regimes that would otherwise have collapsed. The second pillar also consists of what we call praetorianism, selling some kind of patrol and guards to unstable presidents and governments in Africa.

The third pillar, the most important of all, is the exploitation of natural resources. Despite the political interests, organizing information manipulation and operations is not lucrative. Though PMC activity is lucrative, the real place for Wagner, Prigozhin, and all these entrepreneurs of influence to make money in Africa, is to exploit natural resources, such as diamonds in Central African Republic, gold in Sudan, and chromite in Madagascar. This is how they support their enterprises and build a real empire in Russia.

What was the methodology you used to track them via OSINT? 🔗︎

Kevin: Here I must say that Maltego helped a lot. I was able to cross all the data and visualize the networks we were investigating thanks to Maltego. We identified some websites we knew were belong to Prigozhin and other entrepreneurs. Starting from these websites, we found some IP addresses, historical whois information with email addresses, phone numbers, Google ID, Google Analytics numbers, and the pages. With all this information, we uncovered new websites, new institutions, other affiliated companies, and more. We were also able to draw a map which is included in the paper with hundreds of Entities.

However, the most difficult yet important part was to make sense of all the collected data. We spent months ruminating and pondering what we had in front of our eyes. You have to go deeply into the websites and databases in order to have a firm grab on what you’re looking at. To me, that’s something of great significance for people doing OSINT. I’m not pretending to be an OSINT professional, but as an academic, I observe the practices of digital investigations. From what I see, once you have the information, footprints, and data you need, that’s when the most complicated part comes into play, in which you try to stick to the context and not lose the point. I think that everybody who does OSINT has encountered this problem at some point that when you have a dataset, it’s very easy to manipulate this dataset to say or tell whatever you want it to say from one small interpretation mistake to another. You might do it unconsciously, and that’s what we call bias of confirmation, which is something very powerful that we strive to fight against when conducting OSINT investigations.

To learn more about cognitive biases and corresponding prevention measures, check out our webinar here.

There’s More! Listen to Our Full Interview with Kevin! 🔗︎

If you have found those interview snippets interesting, don’t miss out on the complete version!

Listen to our full interview with Kevin to learn more about:

  • What Kevin thinks to be some of the current and future limitations of OSINT
  • How Russia gradually imposes more and more controls on its internet and filtrates the traffic from other countries
  • What are the differences between the internet handled by the state of Russia and by the Russian-speaking countries

And much more!

Listen to this podcast episode on Spotify, Apple Podcast, Google Podcast, and the Maltego YouTube channel, and follow us for future episodes!

Check out Kevin’s work on Twitter!

Don’t forget to follow us on Twitter, LinkedIn, and YouTube, and subscribe to our email newsletter, so that you never miss an update, tutorial, or interview like this.

Happy investigating!

By clicking on "Subscribe", you agree to the processing of the data you entered and you allow us to contact you for the purpose selected in the form. For further information, see our Data Privacy Policy.