It is speculated the US govt has the ability to break eliptic curve based cryptography algos by knowing the "magic number"

Additionally, many sessions are logged and stored in a data center in Utah. No one really knows the extent of the logging but it's reasonable to assume noteworthy traffic is stored and if an insecure protocol is used it is decrypted and read.

Then there's always the equation group, those guys are scary good and who knows what sorts of ins they have to systems bypassing the need to sniff sessions to begin with!

https://youtu.be/NF1pwjL9-DE https://en.m.wikipedia.org/wiki/Utah_Data_Center https://en.m.wikipedia.org/wiki/Equation_Group