Isn't this normal? I mean after you break in keeping a low profile and staying undetected for as long as possible sounds like a no brainer to me. I wouldn't be surprised if some APTs were inside some "worst" companies for even 2 years at a time.
Edit: from the Wikipedia page on Advanced Persistent Threats:
> The median "dwell-time", the time an APT attack goes undetected, differs widely between regions. FireEye reports the mean dwell-time for 2018 in the Americas is 71 days, EMEA is 177 days and APAC is 204 days.[4] This allows attackers a significant amount of time to go through the attack cycle, propagate and achieve their objective.
Edit: from the Wikipedia page on Advanced Persistent Threats:
> The median "dwell-time", the time an APT attack goes undetected, differs widely between regions. FireEye reports the mean dwell-time for 2018 in the Americas is 71 days, EMEA is 177 days and APAC is 204 days.[4] This allows attackers a significant amount of time to go through the attack cycle, propagate and achieve their objective.