The NSA doesn't need to bruteforce in every case they can in many cases get the creators of those security software if created in the US to build in backdoors.
The real problems are intended backdoors purposely left open by the developers.
Either because they were paid off or because they were forced to. In any case this is way more effective and time efficient than trying to actually break a code.
Are you making it easy for them with C:\Downloads\Illegal Downloads...Mine's in C:\Downloads\Legal Downloads