Meet Ground Station As A Service
You might think that the satellites orbiting Earth are secured against unauthorized access but sadly it seems that is not the case. The belief that satellites are secure is mostly based on the assumption that the hardware inside is a well kept secret, and that communicating with a satellite is next to impossible without access to it’s ground station. Sadly, both assumptions are untrue.
The hardware inside commercial satellites is easy purchased to be able to tear apart, assuming you have the money. Once someone has that hardware in hand they can take all the time they need to find vulnerabilities, after all it’s non-trivial to replace hardware on a satellite in low Earth orbit. The researcher, who somewhat regrets doing this research also determined you could build your own functional ground station for around $10,000. That’s not cheap, but likely nowhere near the amount of money you might have assumed it would take.
You can also skip the ground hardware, as both AWS and Azure offer Ground Station as a Service (GSaaS) now. Again, all it takes is a bit of money to gain the ability to communicate with orbiting satellites. As an example, the popular CubeSat has no authentication protocols, and broadcast unencrypted signals. More nightmare fuel can be found at The Register.
As an academic, Willbold took a more direct approach. He just asked satellite operators for the relevant details for his paper. Some of them agreed (although he did have to sign an NDA in one case) and the results somewhat mirrored the early computing days, when security was sidelined because of the lack of computing power and memory.