Monday, September 8, 2014

NSA and Crypto standards

An excellent article at Ars on the unfolding scandal at the NSA.

The NSA was originally responsible for the security of our nation's compute infrastructure (particularly after the events of World War II made it clear how important reliable cryptography is).

The first national standard for encryption was called DES. And the NSA played a vital role in making it stronger:

"The S-boxes that the government had specified in DES turned out to be resistant to this kind of attack. It was later revealed that IBM's researchers had discovered differential cryptanalysis and told the NSA about it. Rather than undermining the algorithm, the NSA had used the technique to shore up DES to improve its security, then kept it secret."

At some point, it appears the mission changed.

"Specifically, a NIST-approved standard from 2006 was functionally edited solely by the NSA... The algorithm [Dual_EC_DRBG] was extremely slow, and the random numbers it produced were flawed: they had a detectable bias, with some numbers slightly favored over others. With these issues, the obvious response would be to exclude it, but it was kept in at the NSA's insistence."

"As such, it all seems to be a bit pointless. Unlike the NSA's secretive work on DES—which made the algorithm better—the secretive work presumed to have taken place on SP 800-90 has probably made it a little bit worse. Money well spent? Not really."

