The fight against malicious software (or malware, which includes everything from worms to viruses to botnets) is often viewed as an "arms race." Conventional wisdom is that we must continually "raise the bar" for the malware creators. However, the multitude of malware has itself evolved into a complex environment, and properties not unlike those of ecological systems have begun to emerge. This may include competition between malware, facilitation, parasitism, predation, and density-dependent population regulation. Ecological principles will likely be useful for understanding the effects of these ecological interactions, for example, carrying capacity, species-time and species-area relationships, the unified neutral theory of biodiversity, and the theory of island bio-geography. The emerging malware ecology can be viewed as a critical challenge to all aspects of malware defense, including collection, triage, analysis, intelligence estimates, detection, mitigation, and forensics. It can also be viewed as an opportunity. In this position paper, we argue that taking an ecological approach to malware defense will suggest new defenses. In particular, we can exploit the fact that interactions of malware with its environment, and with other malware, are neither fully predictable nor fully controllable by the malware author - yet the emergent behavior will follow general ecological principles that can be exploited for malware defense.