Yes!!! thats exactly the only things Im concerned with Tangle so far!

If i recall from the whitepaper, You can attack Tangle with 34% spam attack. But Iota has "Coordinates" an on-boarding mechanism to prevent 34% attack until network becomes matures and organics, and even if the attacker achieve 34% attack, the chances of successful manipulate the network is only 29% (still a pretty large number).

I used to think blockchain is great until everyone giving their power to mining pool where things could get worse ( eg: all pools combining their computing power to attack the network. )