Lynne Owens said the revelation came after investigators scoured through sites for paedophiles on the dark web, finding an estimated 144,000 accounts linked to British people.
Estimates previously had put the number of Britons with a sexual interest in children at around 20,000; one unpublished estimate, which law enforcement did not seek to rely on, put the number at 40,000 adults.
It may be that some individuals have more than one account but Owens, speaking at an event in central London on Tuesday, said that in her professional judgment the number of paedophiles was much higher than law enforcement and government had realised.
The NCA director general said: “I draw on two pieces of evidence. The first … is the 850% increase in referrals from industry since 2013. Then the second is this evidence we get from the dark web.”
Some dark web sites require people to prove they have raped a child before they are allowed to enter.
She said that every month measures were taken to make sure 400 children were safe from paedophiles, and 500 people were arrested in connection with a sexual interest in children. “It brings huge demand. We want to get to the place that we can identify who the very dangerous contact offenders are.”
Owens said the NCA and police had not been able to investigate all of the suspects even when the numbers were believed to be much lower, and did not have the resources to analyse all the accounts discovered on the dark web. She is calling for £2.7bn over three years to boost the fight against serious and organised crime.
Owens said preventative programmes warning children of the dangers were now aimed at four- to seven-year-olds whose parents gave them tablet computers, whereas previously they were aimed at those eight years and over.
Speaking as the NCA launched its annual threat assessment, she said technology companies “had to do much more”.
Owens said: “Technology already exists to design out a lot of the preventable offending. Industry must block child abuse images upon detection, and do more to prevent online grooming.
“It must work with us to stop livestreaming of child abuse. It must do more to stop its platforms being used to advertise services, whether that be of people smugglers or to facilitate sexual exploitation.
“There is the need for nothing less than a revolution in the way that technology companies rise to this challenge.”
Peter Wanless from the National Society for the Prevention of Cruelty to Children (NSPCC) said technology companies should have a “mandatory” duty of care for children using the internet.
He said: “They need to step up and ensure fundamental child protection is designed into the online world.
“Things that our children come into contact with daily such as food, toys, clothes, are all expected to meet high safety standards that let us know children are safe to use them, and the same must apply to social networks.”