This paper studies physical consequences of worst-case unobservable false data injection (FDI) attacks on the electric power system. In particular the focus is on FDI attacks wherein the attacker can only change measurements in an attack sub-network of the entire network and has limited knowledge of network parameters outside of this sub-network. The goal of this limited resource attack is to cause a physical line overflow for a chosen target line that will not be observable via measurements. To determine the worst possible consequences of such a class of FDI attacks, a bi-level optimization problem is introduced wherein the first level focuses on maximizing the target line flow subject to limited attack resources constraints, while the second level formulates system response to such attacks via DC optimal power flow (OPF). The attack model with limited system knowledge is reflected in the DC OPF formulation that only takes into account the system information for the attack sub-network and therefore is oblivious of congestion and data for the network outside this sub-network. The vulnerability of this attack model is illustrated for the IEEE 24-bus RTS system.