Security experts were left reeling after a man swam ashore, scaled a fence and walked, dripping wet, into Kennedy Airport, defying a 100 million-dollar network of surveillance cameras and motion detectors.
The Port Authority of New York and New Jersey, which oversees JFK Airport, quickly added police patrols to the airport perimeter and said it was investigating the security breach.
"Thank God it wasn't a terrorist, but we have to look at it as if we had another attack," said Isaac Yeffet, former chief of security for Israeli airline El Al. "That's the only way we'll improve the system."
Authorities said the trouble began on Friday evening when 31-year-old Daniel Casillo's jet-ski ran out of fuel in Jamaica Bay. Casillo swam towards the bright lights of Kennedy's runway 4L, which juts out into the bay, then climbed an 8ft fence that is part of the airport's state-of-the-art Perimeter Intrusion Detection System, authorities said.
Soaking wet and wearing a bright yellow life jacket, Casillo made his way across two intersecting runways - an estimated distance of nearly two miles - before he was spotted on a terminal ramp by an airline employee, authorities said.
According to the police report, Casillo told an officer: "I needed help!"
Casillo was released without bail pending a court appearance on October 2. A man who answered the phone at the home of Casillo's girlfriend said the couple's lawyer had advised them to stop speaking to the media.
The intrusion-detection system, manufactured by defence contractor Raytheon, should have set off a series of warnings, said Bobby Egbert, spokesman for the port authority police officers union.
"This system is made specifically for those types of threats - water-borne threats," he said. "It did not detect him climbing over a fence. It did not detect him crossing two active runways."
Port authority police interrogated Casillo and charged him with criminal trespassing. Authorities said the airport grounds were clearly marked with no-trespassing signs that indicate it is a "restricted area for authorised personnel only".
"We have called for an expedited review of the incident and a complete investigation to determine how Raytheon's perimeter intrusion detection system - which exceeds federal requirements - could be improved," the port authority said in a statement.
The agency offered no explanation of what went wrong or whether it was human error or equipment failure.
A spokesman for Raytheon would not comment.
"The catastrophic failure was that nobody sounded the alarm to go to condition red intruder alert," said former New York City detective Nicholas Casale, who was deputy director of security for counter-terrorism at the New York metropolitan area's transport agency.
"Immediately there should have been an armed response. Heavy weapons, armoured cars to the area that the perimeter was breached. The airport should have been locked down."
The intrusion-detection system employs sensors, motion detectors and video surveillance, Mr Egbert said. A security guard employed by a private contractor is supposed to keep an eye on the footage from a monitoring room, the union spokesman said. If the guard determines there is a threat, a private security officer is sent to investigate, Mr Egbert said.
From there, it is up to the private security force to decide whether to notify port authority police.
The detection system, which was phased in several years ago, has been a source of tension between the port authority and the police union. The union contends that manpower - in the form of patrols in the air, on the water and on the ground - is the best way to protect the airport.
"This has all been structured to remove the police from the situation," Mr Egbert said. "Technology doesn't catch terrorists. Boots on the ground do."