Just a thought. At 3 million nodes the network is still small considering it is a global network. How long from going live to get from 10’s of thousands to a few million is a good question. But one would expect that if the network is a success that at least a few percent of the world’s personal computers will be active nodes.
I think your 200% is understating the required number to cause noticeable disruptions/vandalism. Because of the mechanism that new nodes are reallocated by the network upon joining the ability to target groups is extremely hard. That means that there is only a random distribution and one needs to have, as you say, more nodes than the proper nodes. So while 2 bad to 1 good might on a random distribution get you momentary control of a group or two, it is only a minor vandalism. Since the network is dynamic those taken over groups may not survive for long and the bad nodes kicked out when in new groups.
As to data security, it should be fine since the compromised groups are minor and many copies of each chunk are spread across the network and any bad chunks will be rejected when being transferred across the network.
As to costs. I expect a network of 3 million nodes globally is under the radar of such groups as any particular government. 3 million represents less than 1 or 2% of the home computers in the USA alone and at 2% it is not even significant to demand control when the internet as a whole in the USA is either is or approaching 1 billion computers of all sorts. Remember nodes will be in SBCs, some phones (when charging), laptops, home computers, some business computers, some data centres. Just in Australia there is some 20-40 million computers that fit that category.
So in perspective for the SAFE network to come a force to reckon with or for governments to attack it would need to be a few % at least. And that is how many computers? Many times the 3 million you are working with.