Army Gen. Keith Alexander, speaking at the American Enterprise Institute think tank, said the time for legislative action is now, before the nation is hit with a major cyberattack an event he called increasingly likely.
"The conflict is growing, the probability for crisis is mounting," he said. "While we have the time, we should think about and enact those things that we need to ensure our security in this area. Do it now, before a crisis."
Numerous government agencies play a role in defending the nation's computer infrastructure, including the Defense Department, the Department of Homeland Security and the FBI.
Referring to the prospect of a destructive not just disruptive attack on vital U.S. computer systems, Alexander said, "I do think that's coming our way. You can see this statistically; the number of attacks is growing."
Alexander made no mention of the less worrisome, but still bothersome, computer hacking that infected hundreds of thousands of personal computers around the world with malicious software as part of an online advertising scam. The FBI took down the hackers late last year and set up a temporary safety net of Internet servers. The servers were turned off Monday, but apparently only a small fraction of Internet users were left without access.
Among the key issues before Congress is the matter of encouraging companies and the federal government to share information collected on the Internet to help prevent electronic attacks from cybercriminals, foreign governments and terrorists. Lawmakers also are considering a bill aimed at improving coordination between the private and public sectors on research and development on cybersecurity.
Alexander also cautioned that while al-Qaida is not now capable of destructive computer attacks on the U.S., the terrorist group could acquire that aptitude.
"I don't see it today, but they could very quickly get to that they and others. That does concern me," he said.