I can see why they'd be considering wholesale replacement, but I'm not sure it's going to be good enough for a long-term fix because of A) the scope of the problem and B) replacements that still have vulnerabilities. If the intruders have the level of access, time and resources that it sounds like and it's a "state sponsor" with substantial resources to dedicate, then they may have infected some systems at a hardware level that would be almost impossible to root out or detect.
Some of the things that might be compromised and difficult to detect or clean if detected would be hard drives (BIOS), network equipment (firmware in managed switches, routers, access points, etc.), printers and copiers (firmware, plus internal hard drives in some cases) and any other "appliances" on the network that are really special-purpose computers just like the items I listed above. Those "appliances" may be NAS devices, document management servers (some of which have been sold as turnkey solutions but which probably run Linux and some proprietary web and services software), HVAC systems, almost anything.