A telecommunications provider is like a taxi driver. If the passenger gets in and looks malicious (has a ski mask on, is holding a shotgun, ask to be driven to the bank, and asks the driver to wait while the passenger goes into the bank for a couple minutes) the taxi driver can be prosecuted as a criminal for providing the criminal ride. If a telecommunications provider offer a ride (transmits packets) to cybersecurity criminals that appear to be malicious (are malformed, originate from c&c infrastructure using c&c protocols, and/or are use fraudulence such as spoofing) the telecommunications provider isn’t prosecuted for giving the attacker a ride.
If I assist a criminal commit a crime I am prosecuted for my actions. If a telecommunications provider enables and facilitates a crime (such as hacking or denial of service attacks) they are absolved. Guess it’s good to be too critical [infrastructure] to be responsible.