If what you report here is as claimed (and I’ll reserve judgement), then you are being targeted with exploit tooling worth multiple millions of dollars, and with individual exploit chains worth millions, and tooling more commonly used for espionage, and for access to those people and organizations of interest to governments and government agencies.
Accordingly, your entire current approach here will seemingly be less than successful, if what you write here is what has happened in this case.
You really need to rethink your entire approach here given your reported massive value to your attackers, and you will absolutely need digital forensics and a detailed review of your entire approach to your own security.
And to what data you maintain, and with what communications equipment you have with, too.
Based in what you’re reporting, you’re far beyond the help that can be offered here. Or by anybody absent digital forensics, device access, and a detailed discussion with you. (That review is also not going to be cheap.)
And as this has reportedly been ongoing for a year, whatever the issue here—whether the involvement of very expensive exploit tooling, or maybe the issue here is something else entirely—it’s just not going to change with this posting, or with your current approach.