Way back in the 1980s, the first bits of malware started to make their way from computer to computer. These early viruses did little more than send annoying messages to users and propagate themselves by reading users’ email contact lists. Slowly, these bits of code became more malicious, erasing data or paralyzing networks of computers. Disreputable programmers started to realize that they could profit from tools like these, and malware began to steal valuable data, like identification credentials and financial information, to sell or use for personal gain. As this happened, cybersecurity began to develop, and malware needed to become more complex to continue its efficacy.
Today, there is an overwhelming amount of malware online and elsewhere, and nearly all of it is complex. Worse, malware is increasing in complexity all the time, striving to keep ahead of cybersecurity programs like antivirus and network security tools. However, when most users hear that malware is increasing in complexity, many aren’t sure what that means for their devices and networks. Here’s what is actually happening with malware and what more people can do to stay safe.
What Complexity Means
Complexity isn’t merely a feature of malware; it exists for all software. In fact, complexity is a natural byproduct of creating and maintaining any type of code. By definition, a program becomes complex when it contains a high number of interactions between a high number of entities. In regular software, complexity is both good and bad — it means the software can offer plenty of functionality, well beyond the simple programs found on floppy disks and computers of yore. However, high complexity also means there is a high likelihood of interactions interfering with one another, causing glitches and even vulnerabilities.
There are two primary types of complexity: accidental and essential. As one might expect, accidental complexity isn’t the good kind; it occurs when a developer is careless with their tools or methods. Often, accidental complexity can be resolved with more high-level programming language or a more structured software framework from the start. On the other end of the spectrum is essential complexity, which cannot and should not be eliminated. This type is necessitated by the characteristics of the problem; sometimes, it’s impossible to create a functioning software solution without writing complex code.
The final element of complexity is measuring it, and there are many ways to do that. The most popular is the cyclomatic complexity metric, which measures the number of linearly independent paths in a bit of code. Cyclomatic complexity is calculated through a control flow graph. However, one might also measure complexity through branching, data access, data flow and decisions.
Why Complexity Is Happening
Now to answer the main question: Why is malware getting more complex? Unfortunately, the answer is: Because it has to. Malware developers are engaged in a fast-paced and aggressive arms race with cybersecurity developers; they need to create malicious programs that defeat or bypass a variety of security tools, and that means writing complex code that accomplishes difficult tasks. Much of the complexity developing within malware is essential and intentional, so cybercriminals can accomplish their goals of infiltrating systems and stealing data — or whatever despicable goal they may have. Although, it is worth noting that some malware complexity must be accidental; it isn’t uncommon for malware authors to tinker with older malware, tacking on code to update it with new features rather than build their own malware from scratch. This certainly contributes to the increased complexity that researchers are identifying.
How to Combat Complex Malware
Complex malware sounds threatening, but in truth malware has been becoming more complex since the beginning of malicious software. Fortunately, as malware increases in complexity, so does the software used in fighting malware. Today, device users have access to strong and targeted anti-malware tools, like ransomware removal services. Even as malware evolves to circumvent cybersecurity software, cybersecurity software is becoming more complex, too. Experts expect that the next major leap in cybersecurity — on both the malware and anti-malware sides — will be to artificial intelligence, meaning the programs themselves will increase the complexity of their code to discover new ways to accomplishing their goals.
Malware is increasing in complexity — but so are the tools used to combat it. While users should be aware of malware, especially the latest and greatest variants, it is more important that users understand the complexity of security software, so they can stay as safe as possible even as malware becomes more and more complex.