I used to be a Command Controller (CC) at the Laboratory for Atmospheric and Space Physics (LASP) (http://lasp.colorado.edu/). I was one of the people who would sit in front of the console during the times when spacecraft were visible to the ground stations. I would read/record telemetry to ensure spacecraft health and often send up new commands that would be executed by the spacecraft.

In order to communicate with the ground stations (for both data and voice if necessary), the Mission Operation Center (MOC) at LASP had to have a connection to NASA's "red net". I am not sure if this was a LASP term or a NASA term. A google search turned up little information.

In order to be even let in the room with access to the "red net" background checks were required. Then, in order to actually interact with the console, you had to be a certified CC, or a CC in training being overseen by a certified CC. All CC activity is always overseen by a "Flight Controller" (FC) or even a "Flight Director" (FD).

In the training to become a CC, we all had to know exactly the packet structure of the communication protocol for every spacecraft we operated. While there were most certainly checksums in the protocol, I don't believe that there was any sort of encryption, authentication or verification of the data received by the spacecraft. The spacecraft are always designed to be very fault tolerant, and have fallback modes in case the RF communication is corrupted or there are other "single bit errors". Error detection and correction is a fundamental feature of RF spacecraft communication.

I also worked on one deep space mission, though not as a CC. Anything not in earth orbit would require much larger antennas and likely what NASA calls the "Deep Space Network" (http://deepspace.jpl.nasa.gov/dsn/). This makes an attack even more challenging.

The risks as I see them today are several fold. I am not sure if they have since been fixed as I haven't worked at LASP in many years. I am also completely unaware of the design of anything but a few scientific missions. The worst things I think an attacker could do would be:

Threaten to deorbit the spacecraft, or even simply waste precious propulsion fuel, for mischeif or for ransom. Threaten to try to change the orbit which could possibly cause a collision with other spacecraft -- again, for mischeif or ransom.

Otherwise, I am not sure what could be gained by an attacker.

Here are the vectors I see that may make an attack possible:

Forged communication with the spacecraft. This would have to be done with knowledge of the spacecraft's ephemeris and with the ability to establish communication with the spacecraft. The ephemeris is fairly easy to obtain, but getting control of a ground station may require that the attacker be a state actor. Man in the middle (MITM) attacks between the ground station and MOC. Getting onto the NASA "red net" would be highly challenging. This is the same network that the space station operates on. However, once there, it might be possible to somehow become a MITM and pass on good or forged telemetry to the MOC while sending arbitrary commands to the ground station (ignoring any commands sent by the MOC). This would also require that the attacker have fairly vast resources and prior knowledge.

In either of these cases, the payoff would likely not be worth the reward. Then again, I only worked with "smallish" scientific missions. It might certainly be worth the risk for one country to "steal" a military spacecraft from another as the cost for a country to design, launch and maintain such a spacecraft is likely much greater than the cost of the attack. I imagine these have much stronger security though.

To answer your question, I don't know how secure the Mars Curiosity mission is. However, due to the distance, it probably operates solely on the DSN ground stations (very large antennas, of which there are only a handful in the world). Any attacker would either have to commandeer one of these stations, or build his own (which would be hard to hide). Further, the security of the communications between the ground stations and mission operations is certainly a top priority for NASA and JPL.

In summary, communications reliability is a much greater concern when designing spacecraft -- it's really hard to talk to stuff so far away, with so much interference in-between and the constant bombardment of radiation that can affect just about anything in the process. While there may or may not be any sort of encryption, authentication or verification in the RF communication between the ground station and the spacecraft, the ability to actually interfere would likely only be available to nation-states. It would also be hard to hide who would be behind such an attack and the political fallout would likely be immense.