This statement is simply not correct to put it mildly!

When we contacted you regarding C2 of Netwire malware you replied and I quote: "To make long things short: Because we have no logs, there isn't much we can do in order to solve this case."

Tonu
CERT-EE

To answer your last question: If we receive a valid abuse report i.e. from a CERT we temporarily close the regarding Port on the particular IP.
If the customer then starts to complain we send him a copy of the report and point out that another violation of our ToS will result in a termination of the account without a prior warning and without the option of a refund.