I'm saying if they have to backdoor specific firmware, there is still hope. Of course, since they have the capability to sap up nearly everyone's data, there isn't much hope to begin with.
Snowden revealed quite a bit in this space. The NSA has numerous departments and they cooperate.
You have the zero-day guys. They get lists of things that would be useful to hack, and they hack them. I'm sure that includes OSes, firmwares, peripherals, you name it. Some zero-days are held in reserve to avoid revealing them in case a high-priority target comes along.
You have the target intelligence guys. They identify systems to hack. They profile the targets - is this just a casual PC user, a company, or some government agency. They estimate how likely the target is to detect an intrusion - they don't want to use some super-secret zero-day on a guy who is ultra-paranoid and sends all their network traffic into a canary layered in 14 layers of firewalls and IDS.
You have the guys who run the wholesale hacking department. They pair up targets with zero-days and arrange to have them delivered, probably by redirecting their network traffic through a server that hands out the attack (too bad all your ad banners aren't protected by SSL, etc).
You have the rootkit guys who then take that initial foothold and exploit it, branching out into a network beyond the firewall and installing rootkits and monitoring software all over the place.
You have the intel guys who go in and harvest the information being sought.
Then you have the monitoring team. They make sure that all the compromised hosts stay compromised. Maybe you just installed some antivirus software that removed 3 out of the 14 rootkits they installed on your box, so they'll go ahead and put 5 more in and tell the CIA they need to be more generous with their symantec bribes.
All that division of labor means that they can break into vast numbers of computers very efficiently, with great expertise.