Even one malicious witness can significant disrupt the chain and cause consensus delays, as well as losses or malfunctions to services which don't wait for many confirmations/finality (which many don't and this usually works because witnesses are not malicious and accidental consensus disruption due to network delays are usually rare).

A single witness can't put in an irreversible transaction anyway, as other witnesses can always replace the block, either deliberately or by accident (above network delays, etc.)

Also, we do have backups, and they can certainly be malicious. So one malicious top 20 is actually two malicious witnesses (which may be the same actor) in a round when a malicious backup is scheduled. The potential for mischief multiplies...