The websites of four of the five largest American defense and military contractors, which received a combined $95,278,712,971 last year from the US government, don't use web encryption.
The main sites of Lockheed Martin, Boeing, Raytheon, and Northrop Grumman, all don't have the standard web encryption HTTPS enabled by default, which leaves visitors of these sites exposed to common cyberattacks that could potentially allow hackers to infect them with malware. When tested on Friday, Generaldynamics.com was also not encrypted. On Monday, however, the site redirected to gd.com, which is served over HTTPS.
When websites have enabled HTTPS, the connection between the visitors and the site is encrypted, making it more private and secure. Without HTTPS, a hacker on your wireless network, internet service providers or governments, can track your every move online and also intercept and manipulate the data being exchanged between you and the site.
https://motherboard.vice.com/en_us/article/yw39mg/us-military-contractors-lockheed-raytheon-boeing-dont-use-https