Number of nodes is not a problem. At least for security of the system. What could they do? Transmit invalid transaction / do not transmit a valid transaction.
Honest nodes and miners will ban those nodes straight away. They only good to spread the FUD across the system. And they already tried it with BitcoinXT. However, it is a psychological  (social-engineering) attack not a technical one. What they tried to do, is give an impression that a lot of people moved to their client. And probably, most of those nodes were running on single server.

Could similar attack happen in the future? Yes, possible. Maybe, it's already underway  with Bitcoin Classic. But those attacks not stand a chance against bitcoin protocol.