I can't say I'm surprised or even impressed by this. The guy is exploiting an unauthenticated communications channel that has no verification of the origin of the message. From most of the details he's relying on the fact that these systems are open and he can falsify data. His go here is probably just giving bad telemetry data or course correction requests to the plane's auto-pilot.
There is a reason these systems are open. We can't even do key management properly when it is for non-critical systems. There is no way you're going to be able to organize a world wide key management scheme so that every plane on the planet will be able to talk to every ground control station and every other plane in the air. If you try to use some sort of shared secret that is placed in the devices by the manufacturer that will fail as well. You could arguably try to devise a scheme where if you can't communicate with another plane you fail open or that plane bounces signals off of an authenticated source and back to you instead but we're talking about very complex systems which need to remain simple so two things don't crash into each other (two planes or planes and the ground).
As pointed out this was presented at black hat last year for the next-gen system and the same exact points were raised back then.